OnCell G3470A-LTE User’s Manual
Edition 1.1, July 2016
www.moxa.com/product
© 2016 Moxa Inc. All rights reserved.
OnCell G3470A-LTE User’s Manual
Moxa Ame
Toll
Tel:
Fax:
Moxa China (Shanghai office)
Toll
Tel:
Fax:
Moxa Europe
Tel:
Fax:
Moxa Asia
Tel:
Fax:
Moxa India
Tel:
Fax:
The software described in this manual is furnished under a license agreement and may be used only in accordance with
the terms of that agreement.
Copyright Notice
© 2016 Moxa Inc. All rights reserved.
Trademarks
The MOXA logo is a registered trademark of Moxa Inc.
All other trademarks or registered marks in this manual belong to their respective manufacturers.
Disclaimer
Information in this document is subject to change without notice and does not represent a commitment on the part of
Moxa.
Moxa provides this document as is, without warranty of any kind, either expressed or implied, including, but not limited
to, its particular purpose. Moxa reserves the right to make improvements and/or changes to this manual, or to the
products and/or the programs described in this manual, at any time.
Information provided in this manual is intended to be accurate and reliable. However, Moxa assumes no responsibility for
its use, or for any infringements on the rights of third parties that may result from its use.
This product might include unintentional technical or typographical errors. Changes are periodically made to the
information herein to correct such errors, and these changes are incorporated into new editions of the publication.
Technical Support Contact Information
www.moxa.com/support
ricas
-free: 1-888-669-2872
+1-714-528-6777
+1-714-528-6778
+49-89-3 70 03 99-0
+49-89-3 70 03 99-99
+91-80-4172-9088
+91-80-4132-1045
-free: 800-820-5036
+86-21-5258-9955
+86-21-5258-5505
-Pacific
+886-2-8919-1230
+886-2-8919-1231
Table of Contents
1. Introduction ...................................................................................................................................... 1-1
Overview ........................................................................................................................................... 1-2
Package Checklist ............................................................................................................................... 1-2
Product Features ................................................................................................................................ 1-2
Product Specifications ......................................................................................................................... 1-3
Functional Design ............................................................................................................................... 1-5
LED Indicators ............................................................................................................................ 1-6
Beeper ....................................................................................................................................... 1-7
Reset Button ............................................................................................................................... 1-7
2. Getting Started ................................................................................................................................. 2-1
First-time Installation and Configuration ................................................................................................ 2-2
Step 1: Inserting a SIM Card ........................................................................................................ 2-2
Step 2: Turning on the OnCell G3470A-LTE .................................................................................... 2-2
Step 3: Connecting the OnCell G3470A-LTE to a Computer ............................................................... 2-2
Step 4: Configuring the Computer’s IP Address ............................................................................... 2-2
Step 5: Accessing the Web Console ............................................................................................... 2-3
Step 6: Establishing a Cellular Connection ...................................................................................... 2-3
Step 7: Verifying the Cellular Connection ....................................................................................... 2-4
3. Web Console Configuration ............................................................................................................... 3-1
Accessing the Web Console .................................................................................................................. 3-2
Configuration Menu Overview ....................................................................................................... 3-3
Overview ........................................................................................................................................... 3-4
Basic Settings .................................................................................................................................... 3-4
System Info Settings ................................................................................................................... 3-4
Network Settings ......................................................................................................................... 3-5
Time Settings ............................................................................................................................. 3-5
Cellular Settings ................................................................................................................................. 3-6
Cellular WAN Settings .................................................................................................................. 3-6
GuaranLink ................................................................................................................................. 3-8
Auto IP Report Settings .............................................................................................................. 3-11
GPS Settings ............................................................................................................................ 3-12
Oncell Central Manager Setting ................................................................................................... 3-12
Advanced Settings ............................................................................................................................ 3-12
DHCP Server (for AP mode only) ................................................................................................. 3-13
DDNS ...................................................................................................................................... 3-14
Packet Filters ............................................................................................................................ 3-14
SNMP Agent ............................................................................................................................. 3-16
Port Forwarding ........................................................................................................................ 3-18
VPN ......................................................................................................................................... 3-19
Auto Warning Settings ....................................................................................................................... 3-26
System Log .............................................................................................................................. 3-26
Syslog ..................................................................................................................................... 3-27
E-Mail ...................................................................................................................................... 3-28
Relay ....................................................................................................................................... 3-30
Trap ........................................................................................................................................ 3-30
SMS ........................................................................................................................................ 3-32
Status ............................................................................................................................................. 3-33
DNS Information ....................................................................................................................... 3-33
SIM Status ............................................................................................................................... 3-33
Network Statistics ..................................................................................................................... 3-33
Routing Table ........................................................................................................................... 3-33
DHCP Client List (for AP mode only) ............................................................................................ 3-34
System Log .............................................................................................................................. 3-34
Relay Status ............................................................................................................................. 3-35
DI and Power Status .................................................................................................................. 3-35
VPN Log ................................................................................................................................... 3-36
Maintenance .................................................................................................................................... 3-37
Console Settings ....................................................................................................................... 3-37
Ping ......................................................................................................................................... 3-37
Firmware Upgrade ..................................................................................................................... 3-38
Config Import Export ................................................................................................................. 3-38
Load Factory Default .................................................................................................................. 3-39
Password ................................................................................................................................. 3-39
Misc. Settings ........................................................................................................................... 3-39
Manual SMS .............................................................................................................................. 3-40
Remote SMS Control .................................................................................................................. 3-40
Save Configuration ........................................................................................................................... 3-41
Restart ............................................................................................................................................ 3-42
Logout ............................................................................................................................................ 3-42
4. Software Installation and Configuration ........................................................................................... 4-1
Overview ........................................................................................................................................... 4-2
Wireless Search Utility ......................................................................................................................... 4-2
Installing the Wireless Search Utility .............................................................................................. 4-2
Configuring the Wireless Search Utility ........................................................................................... 4-5
A. Supporting Information .................................................................................................................... A-1
Firmware Recovery ............................................................................................................................. A-2
DoC (Declaration of Conformity) ........................................................................................................... A-3
Federal Communication Commission Interference Statement ............................................................ A-3
R&TTE Compliance Statement ....................................................................................................... A-4
B. Dynamic Domain Name Server .......................................................................................................... B-1
C. Well-Known Port Numbers ................................................................................................................ C-1
1
1. Introduction
The OnCell G3470A-LTE industrial cellular gateway is an ideal wireless solution for remote monitoring
applications. With wide temperature support and power and antenna isolation design, the OnCell G3470A-LTE
is rugged enough for any harsh industrial environment.
The following topics are covered in this chapter:
Overview
Package Checklist
Product Features
Product Specifications
Functional Design
LED Indicators
Beeper
Reset Button
OnCell 3470A-LTE Introduction
1-2
NOTE
The above items
y for
customized versions.
Overview
The OnCell G3470A-LTE industrial cellular gateway provides a higher cellular bandwidth and more reliable
connection to your Ethernet network for cellular applications. With the integrated 4-port gigabit Ethernet
switch and LTE support, the OnCell G3470A-LTE offers a faster cellular connection with a lower total cost of
ownership. To enhance reliability, a key for industrial users, the OnCell G3470A-LTE features isolation design
for both power and antenna inputs. Coupled with high-level EMS and wide-temperature support, the OnCell
G3470A-LTE provides the highest level of device stability in any rugged environment. In addition, with dual SIM
and dual power-input features, the OnCell G3470A-LTE supports network redundancy to ensure that your
application’s network connectivity is not interrupted.
Package Checklist
Moxa’s OnCell G3470A-LTE is shipped with the following items. If any of these items is missing or damaged,
please contact your customer service representative for assistance.
• OnCell G3470A-LTE
• 1 GPS connector terminator
• 2 2G/3G/4G omni-directional antennas, 2 dBi, SMA (male)
• 5 plastic RJ45 protective caps for serial console and Ethernet ports
• Quick installation guide (printed)
• Warranty card
come with the standard OnCell G3470A-LTE model, but the package contents may var
Product Features
• VPN support
• Multiple LTE band support:
EU Model: B1/B3/B7/B8/B20
US Model: B2/B4/B5/B13/B17/B25
• Universal cellular bands support for GSM/GPRS/HSPA
• Built-in 4-port Gigabit Ethernet switch for local network connectivity
• Virtual private responder/initiator support
• Industrial-grade design:
Dual power input for power redundancy
Dual-SIM support for cellular connection redundancy
Antenna isolation for 500V protection against radio interference
Power isolation for 500V power source insulation protection
-35°C to 70°C wide operating temperature (wide temperature support only applies to certain SKUs)
OnCell 3470A-LTE Introduction
1-3
Cellular Interface
Standards:
Band Options:
OnCell
• LTE 2100/1800/2600/900/800 MHz (B1/B3/B7/B8/B20)
• UMTS/HSPA 2100/1900/850/800/900 MHz
OnCell G3470A
• LTE 1900/AWS/850/700/1900 MHz (B2/B4/B5/B13/B17/B25)
• UMTS/HSPA 2100/1900/AWS/850/900 MHz
• Universal Quad
LTE Data Rate:
• Downlink: 100 Mbps (20 MHz bandwidth), 50 Mbps (10 MHz bandwidth)
• Uplink: 50 Mbps (20 MHz bandwidth), 25 Mbps (10 MHz bandwidth)
HSPA Data Rate:
• Downlink: Up to 42 Mbps (category 24)
• Uplink: Up to 5.76 Mbps (
GPRS/EDGE Data Rate:
LAN Interface
Number of Ports:
Ethernet:
Interface
Alarm Contact:
Console Port:
Cellular Antenna Connectors:
Digital Inputs:
2 electrically isolated inputs
+13 to +30 V for state “1”
+3 to
GNSS:
LED Indicators:
Ground Screw:
Reset Button:
Software
Network Protocols:
Routing/Firewall:
VPN:
• Max. Tunnel Number: 5 (Responder/Initiator)
• IPSec (DES, 3DES, AES, MD5, SHA
Cell
GPS:
Others:
Management Software
Utilities:
Configuration and Management Options:
Console
Private IP Solution:
SIM Interface
Number of SIMs:
SIM Control:
Product Specifications
GSM/GPRS/EDGE/UMTS/HSPA/LTE
G3470A-LTE-EU:
-LTE-US:
-band GSM/GPRS/EDGE 850/900/1800/1900 MHz
category 6)
236 kbps Downlink/Uplink (Class 10/12)
4
10/100/1000 Mbps, RJ45 connector, Auto MDI/MDIX
1 relay output with current carrying capacity of 1 A @ 24 VDC
RS-232 (RJ45)
2 SMA (female)
-30 V for state “0”
1 SMA (female), GPS (1575.42 MHz), GLONASS (1602 MHz)
PWR1, PWR2, READY, FAULT, CELLULAR SIGNAL, SIM1, SIM2, 2G, 3G, 4G, GPS
M5
Power Reset/Factory Default Reset
ICMP, TCP/IP, UDP, DHCP, Telnet, DNS, SNMP, HTTP, HTTPS, SMTP, SNTP, ARP
NAT, Port Forwarding, IP/MAC/Port Filtering
-1, DH2, DH5), PSK/X.509/RSA
ular Connectivity: GuaranLink
NMEA
DDNS
OnCell Search Utility
Remote SMS Control, SNMPv1/v2c/v3, Web/Telnet/Serial
OnCell Central Manager
2
3 V
OnCell 3470A-LTE Introduction
1-4
Physical Characteristics
Housing:
Weight:
Installation:
Dimensions:
Environmental Limits
Operating Temperature:
Standard Models:
Wide Temp. Models:
Storage Temperature:
Ambient Relative
Power Requirements
Connector:
Input Voltage:
Power Consumption:
Reverse Polarity Protection:
Standards and Certifications
Safety:
EMC:
OnCell G3470A
OnCell G3470A
Radio:
OnCell G3470A
OnCell G3470A
Reliability
MTBF (mean time between failures):
Warranty
Warranty Period:
Details:
ATTENTION
•
is NOT a portable mobile device and should be located at least 20 cm away from
•
Aluminum, providing IP30 protection
1300 g
DIN-rail (default) or wall-mount (optional)
67 x 90.5 x 124 mm (2.6 x 3.52 x 4.83 inch)
-30 to 55°C (-22 to 131°F)
-30 to 70°C (-22 to 158°F)
-40 to 85°C (-40 to 185°F)
Humidity: 5 to 95% (30°C, non-condensing)
4-pin removable terminal block
12 to 48 VDC, redundant dual inputs
9.6W (12V/0.7A to 48V/0.2A)
Present
OnCell G3470A-LTE-US: UL 60950-1
-LTE-US: FCC Part 15 Subpart B
-LTE-EU: EN 61000-6-2/-4
-LTE-US: FCC ID N7NMC7355
-LTE-EU: EN 301 489-1, EN 301 489-7, EN 301 511/4
327,326 hrs
5 years
See www.moxa.com/warranty
The OnCell G3470A-LTE
the human body.
The OnCell G3470A-LTE is NOT designed for the general public. A well-trained technician should be
enlisted to ensure safe deployment of OnCell G3470A-LTE units, and to establish a wireless network.
OnCell 3470A-LTE Introduction
1-5
Functional Design
1. GPS antenna connector (female SMA)
2. Terminal block (two digital input and one digital relay)
3. Grounding screw (M5)
4. Terminal block (PWR1 and PWR2)
5. 2x2 MIMO antenna ports for LTE (female SMA)
6. RS-232 serial console (RJ45)
7. 10/100/1000 BaseT(X) Ethernet ports (RJ45)
8. LED display
9. DIN-rail mounting kit
10. Reset button
11. Dual SIM – SIM1
12. Dual SIM – SIM2
OnCell 3470A-LTE Introduction
1-6
Registered to a base station with cellular connection in GPRS
Registered to a base station with cellular connection in UMTS
ATTENTION
When the system fails to boot, the LEDs for
simultaneously and blink at one-second intervals. This may be due to improper operation or uncontrollable
issues, such as an unexpected shutdown while updating the firmware. To recover the firmware, refer to the
“Firmware Recovery” secti
LED Indicators
The LEDs on the front panel of the OnCell G3470A-LTE provide a quick and easy means of determining the
current operational status and wireless settings.
The following table summarizes how to read the device’s wireless settings from the LED displays. More
information is available in Chapter 3 in the “Basic Wireless Settings” section.
LED Color State Description
Front Panel LED Indicators (System)
PWR1 Green On Power is being supplied from power input 1
PWR2 Green On Power is being supplied from power input 2
READY Green On System startup is complete and the system is operating
Blinking Device has been located by the OnCell Search Utility
Off Power is off, or the system is booting up
FAULT Red On System configuration error or a relay event has occurred
Blink IP address conflict
Off Power is off, or there is no error condition.
CELLULAR
SIGNAL (3 LEDs)
SIM1 Amber On/Off SIM 1 is active or inactive
SIM2 Amber On/Off SIM 2 is active or inactive
2G Amber On
3G Amber On
4G Amber On Registered to a base station with cellular connection in LTE
GPS Green On GPS has been located
1000M Green On 1000Mbps link is active
10/100M Amber On 10/100Mbps link is active
Green On Number of LEDs to indicate cellular signal level when
registered to a base station.
Signal LED 1: 0 < RSSI ≤ 12
Signal LED 2: 12 < RSSI ≤ 21
Signal LED 3: 22 < RSSI ≤ 31
Blink SIM 1 is not inserted or PIN code is incorrect
Blink SIM 2 is not inserted or PIN code is incorrect
or EDGE mode
or HSPA mode
mode
Blinking Locating GPS or less than four satellites have been located.
Off GPS has not been located.
LAN Port LED Indicators (Port Interface)
Blink Data is being transmitted at 1000Mbps
Off 1000Mbps link is inactive
Blink Data is being transmitted at 10/100Mbps
Off 10/100Mbps link is inactive
on in Chapter 6.
STATE (Green), FAULT, and WLAN will all light up
OnCell 3470A-LTE Introduction
1-7
Beeper
The beeper emits two short beeps when the system is ready.
Reset Button
The RESET button is located on the bottom panel of the OnCell G3470A-LTE. You can reboot the OnCell
G3470A-LTE or reset it to factory default settings by pressing the RESET button with a pointed object such as
an unfolded paper clip.
• System reboot: Hold the RESET button down for under 5 seconds and then release.
• Reset to factory default: Hold the RESET button down for over 5 seconds until the STATE LED starts
blinking green. Release the button to reset the OnCell G3470A-LTE.
2
2. Getting Started
This chapter explains how to install Moxa’s OnCell G3470A-LTE for the first time, and quickly set up your
wireless network and test whether the connection is running well. The Function Map discussed in the third
section provides a convenient means of determining which functions you need to use.
The following topics are covered in this chapter:
First-time Installation and Configuration
Step 1: Inserting a SIM Card
Step 2: Turning on the OnCell G3470A-LTE
Step 3: Connecting the OnCell G3470A-LTE to a Computer
Step 4: Configuring the Computer’s IP Address
Step 5: Accessing the Web Console
Step 6: Establishing a Cellular Connection
Step 7: Verifying the Cellular Connection
OnCell 3470A-LTE Getting Started
2-2
The SIM card slots are i
install a SIM card, complete the following steps:
off
off
NOTE
After you select
G3470A
First-time Installation and Configuration
Before installing the OnCell G3470A-LTE, make sure that all items in the package checklist are in the box. In
addition, you will need access to a notebook computer or PC equipped with an Ethernet port. The OnCell
G3470A-LTE has a default IP address that you must use when connecting to the device for the first time.
Step 1: Inserting a SIM Card
Insert one or two 2G/3G/4G SIM cards into the SIM slots located on the bottom of the OnCell G3470A-LTE.
Installing a SIM Card
nside the OnCell G3470A-LTE’s housing. To
1. Turn off the OnCell G3470A-LTE.
2. Remove the screw to remove the SIM card slot cover.
3. Install a SIM card into a SIM card slot. Do the following:
a. For SIM 1, orient the gold contacts facing down and the cut-
edge to the left.
b. For SIM 2, orient the gold contacts facing up and the cut-
edge to the right.
4. Install the screw to secure the SIM card slot cover.
Step 2: Turning on the OnCell G3470A-LTE
Turn on the OnCell G3470A-LTE by connecting a power terminal block to a DC power source.
Step 3: Connecting the OnCell G3470A-LTE to a Computer
Since the OnCell G3470A-LTE supports MDI/MDI-X auto-sensing, you can use either a straight-through cable
or crossover cable to connect the OnCell G3470A-LTE to a computer. If the LED indicator on the OnCell
G3470A-LTE's LAN port lights up, it means a connection has been established.
Step 4: Configuring the Computer’s IP Address
Set an IP address on the same subnet as the OnCell G3470A-LTE. Since the OnCell G3470A-LTE’s default IP
address is 192.168.127.254, and the subnet mask is 255.255.255.0, you should set the IP address of the
computer to 192.168.127.xxx.
-LTE will be reset to factory default settings and the IP address will be reset to 192.168.127.254.
Maintenance > Load Factory Default and click the Submit button, the OnCell
OnCell 3470A-LTE Getting Started
2-3
NOTE
Default user name and password:
For security reasons, we strongly recommend changing the default password. To do so, select Maintenance
>
NOTE
After you click
and a
blinking reminder will be shown on the upper
To activate the changes click
after you change the settings. About 30
seconds are needed for the
Step 5: Accessing the Web Console
To access the web console:
1. Open a web browser.
2. Enter http://192.168.127.254 in the address field.
3. A login screen appears. Enter the user name (the default is “admin”) and password (the default is “root”);
then, click Login.
User Name: admin
Password: root
Password, and then follow the on-screen instructions to change the password.
Submit to apply changes the web page will refresh (Updated) will appear on the page
-right corner of the web page:
Restart and then Save and Restart
OnCell G3470A-LTE to complete the reboot procedure.
Step 6: Establishing a Cellular Connection
After installing a SIM card, obtain the SIM card PIN and APN (Access Point Name) information from your service
provider and configure the cellular WAN settings.
To configure cellular WAN settings and establish a cellular connection:
1. Log into the web console.
2. Click Cellular Settings > Cellular WAN Settings and enter the SIM card PIN and APN values.
3. Restart the OnCell G3740A-LTE. The OnCell 3740A-LTE automatically establishes a cellular connection to
the service provider.
OnCell 3470A-LTE Getting Started
2-4
Step 7: Verifying the Cellular Connection
You can use one of the following methods to verify the cellular connection:
1. Check the LED display.
Check the SIM 1, SIM2, 2G, 3G, and 4G LEDs on the front panel.
If a SIM LED is blinking, this indicates that a SIM card is not installed in the SIM slot or the SIM card PIN
information is not configured in the web console.
If the installed SIM card supports 3G or 4G service but only the 2G LED is turned on, this indicates that the
OnCell G3470A-LTE is connected to the cellular network but is not registered for 3G or 4G service. Make
sure that you enter the correct APN information in the web console.
2. Check the Overview screen in the web console.
Log into the web console and display the Overview screen. Check the status for the Cellular RSSI, Cellular
WAN IP address, and Cellular Mode fields to diagnose any connection problem.
For Cellular RSSI (Received Signal Strength Indication), make sure that the value is above 12 RSSI in order
to maintain a stable connection.
If the Cellular WAN IP address is not available but the RSSI is more than 12, make sure that the APN
configuration is correct. The service provider assigns a private address for the WAN IP address, which is not
accessible externally.
3. Test cellular network access on your computer.
For users with public SIM cards, instead of SIM cards with MDVPN service enabled, you can test the
connection to the Internet on your computer (assuming that your computer is connected to an Ethernet
port on the OnCell G3470A-LTE). The following shows an example configuration.
• Laptop IP Address: 192.168.127.10 (on the same subnet as the OnCell gateway)
• Laptop Subnet Mask: 255.255.255.0 (on the same subnet as the OnCell gateway)
• Laptop Default Gateway: 192.168.17.254 (the OnCell gateway IP address)
• Laptop Primary DNS Server: 8.8.8.8 (test with Google's public DNS server)
• Laptop Primary DNS Server: 8.8.4.4 (test with Google's public DNS server)
After the configuration is complete, your computer will be able to the access the Internet.
For information on testing the connection with a DHCP server, refer to Chapter 3.
3
3. Web Console Configuration
This chapter describes the web console that you can use to configure your OnCell G3470A-LTE and set up a
wireless network.
The following topics are covered in this chapter:
Accessing the Web Console
Configuration Menu Overview
Overview
Basic Settings
System Info Settings
Network Settings
Time Settings
Cellular Settings
Cellular WAN Settings
GuaranLink
Auto IP Report Settings
GPS Settings
Oncell Central Manager Setting
Advanced Settings
DHCP Server (for AP mode only)
DDNS
Packet Filters
SNMP Agent
Port Forwarding
VPN
Auto Warning Settings
System Log
Syslog
E-Mail
Relay
Trap
SMS
Status
DNS Information
SIM Status
Network Statistics
Routing Table
DHCP Client List (for AP mode only)
System Log
Relay Status
DI and Power Status
VPN Log
Maintenance
Console Settings
Ping
Firmware Upgrade
Config Import Export
Load Factory Default
Password
Misc. Settings
Manual SMS
Remote SMS Control
Save Configuration
Restart
Logout
OnCell 3470A-LTE Web Console Configuration
3-2
NOTE
To use the OnCell G3470A
same LAN as the OnCell G3470A
LTE are
on the same logical subnet.
The Moxa OnCell G3470A
NOTE
The mode
country code. The country code indicates the OnCell G3470A
Example figures shown in this document are for OnCell G3470A
that appear on your computer screen may be different than the one shown here.
Accessing the Web Console
Moxa OnCell G3470A-LTE’s web browser interface provides a convenient way to modify its configuration and
access the built-in monitoring and network administration functions. The recommended web browser is
Microsoft
®
Internet Explorer 7.0 or 8.0 with JVM (Java Virtual Machine) installed.
Follow these steps to access the OnCell G3470A-LTE’s web-based console management interface.
1. Open your web browser (e.g., Internet Explorer) and type the OnCell G3470A-LTE’s IP address in the
address field; then, press [Enter].
2. The login page appears. Enter the password (the default username is “admin” and the default password is
“root”) and click Login.
-LTE’s management and monitoring functions from a PC host connected to the
-LTE, you must make sure that the PC host and the OnCell G3470A-
-LTE’s default IP is 192.168.127.254.
It may take a few moments for the web page to load on your computer. Note that the Model name and IP
address of your OnCell G3470A-LTE are both shown on the title bar of the web page. You can use this
information to identify multiple OnCell G3470A-LTE units.
3. Use the menu navigation panel to access the configuration screens.
In the following sections, we describe each OnCell G3470A-LTE management function in detail. For an overview
of the menus, refer to the “Function Map” section of Chapter 2.
l name of the OnCell G3470A-LTE is shown as OnCell G3470A-LTE-XX, where XX indicates the
-LTE version and which bandwidth it uses.
-LTE-US. The country code and model name
OnCell 3470A-LTE Web Console Configuration
3-3
Configuration Menu Overview
Quick overview of the OnCell G3470A-LTE’s status.
Basic settings for administering the OnCell G3470A-LTE.
Essential settings related to establishing a cellular network.
Advanced features to support additional network management
and secure wired and wireless communication.
Note: These advanced functions are all optional.
Application-oriented device management functions to set up
events, traps, and reactions via relay warning, e-mail, and SNMP
notification.
Note: These functions are all optional.
Current status information for monitoring wired/wireless network
performance, advanced services, and device management
functions.
Functions for maintaining the OnCell G3470A-LTE, and for
diagnosing the network.
On-demand functions to support the web console
management operation.
OnCell 3470A-LTE Web Console Configuration
3-4
LTE.
Overview
The Overview page provides a summary of the OnCell G3470A-LTE’s current status. The information is
categorized into groups: System Info, LAN Info, and Cellular Info.
Basic Settings
The Basic Settings group includes the most commonly used settings required by administrators to maintain and
control the OnCell G3470A-LTE.
System Info Settings
The System Info items, especially Device name and Device description, are displayed and included on the
Overview page, in SNMP information, and in alarm emails. Setting System Info items makes it easier to
identify the different OnCell G3470A-LTE units connected to your network.
Field Description Default setting
Device name Enter a descriptive name (up to 31 characters).
This option is useful for specifying the role or application of different
OnCell G3470A-LTE units.
Device location Specify the location (up to 31 characters) of the OnCell G3470A-
Device
description
Device contact
information
Enter a description (up to 31 characters) for the OnCell G3470A-LTE.
Enter the contact information (up to 31 characters) of the person
responsible for maintaining this OnCell G3470A-LTE.
OnCell
G3470A-LTE_[serial
no]
OnCell 3470A-LTE Web Console Configuration
3-5
Enter the subnet mask to specify the type of network to which the
Primary/Secondary
NOTE
The OnCell G3470A
update the
Current local time
when the network does not have an Internet connection for
server on the LAN.
: Set the time zone before you configure the current local time.
Network Settings
You can use the Network Settings screen to configure TCP/IP settings.
Field Description Default setting
IP address Enter the unique IP address for the OnCell G3470A-LTE. 192.168.127.254
Subnet mask
DNS server
OnCell G3470A-LTE is connected.
Enter the IP address of the primary or secondary DNS server.
After you specify a DNS server, you can access a web site by
entering its URL instead of the IP address.
255.255.255.0
Time Settings
You can synchronize the system time on the OnCell G3470A-LTE based on an NTP (Network Time Protocol)
server or user-specified date and time information. The OnCell G3470A-LTE includes the system time in system
logs.
-LTE includes a built-in real time clock (RTC). We strongly recommend that you
for the OnCell G3470A-LTE after the initial setup or a long-term shutdown, especially
accessing the NTP server or if there is no NTP
Field Description Default setting
Current local
time
The fields indicate the current system time on the OnCell
G3470A-LTE.
Enter the date and time in the format yyyy/mm/dd hh:mm:ss
To make the changes take effect, click Set Time. An “Updated” text
appears to indicate that the change is complete.
Note
OnCell 3470A-LTE Web Console Configuration
3-6
ndicates how many hours forward the clock should
Enter the IP address or the domain name of the primary or secondary
Field Description Default setting
Time zone Select a time zone from the drop-down list.
The default option is GMT (Greenwich Mean Time).
Note: Changing the time zone automatically changes the Current
local time. We strongly recommend that you set the time zone before
you set the Current local time.
Daylight
saving time
Time server
1/2
Query period Specify how many seconds (1 to 9999) the OnCell G3470A-LTE is to
Select Enable to activate daylight saving time (DST) or summer time.
When Daylight saving time is enabled, the following fields appear:
• Starts at: The date that daylight saving time begins.
• Stops at: The date that daylight saving time ends.
• Time offset: I
be advanced.
NTP server.
wait before requesting updates from the NTP server.
time.nist.gov
600
Cellular Settings
This section describes the screens you can use to configure cellular connection settings on the OnCell
G3470A-LTE:
• Cellular WAN Settings–Configure this screen to establish a cellular connection.
• GuaranLink Settings–Use this screen to configure Moxa’s proprietary 3-tire link protection to ensure
reliable network connectivity.
• Auto IP Report Settings–If your service provider assigns a dynamic WAN IP address, you can configure
this screen to set the OnCell G3470A-LTE to automatically send its WAN IP address to the specified host.
• GPS Settings–Configure this screen to enable the built-in GPS sensor to locate your OnCell G3740A-LTE.
• OnCell Central Manager Settings–Configure this screen to allow Moxa OnCell Central Manager to
connect to and manage your OnCell G3740A-LTE.
Cellular WAN Settings
Configure the fields in the Cellular WAN Settings screen to establish a 2G/3G/4G connection to a service
provider.
OnCell 3470A-LTE Web Console Configuration
3-7
Select this option to establish a cellular connection using the
connection using the
tiate with
If provided, enter the username for authentication with your service
If provided, enter the username for authentication with your service
If you install two SIM cards in the OnCell G3470A-LTE, you can select Dual SIM mode and enable the
GuaranLink feature set the OnCell G3470A-LTE to regularly check connection quality and perform an automatic
switchover in case a cellular connection is down. This setting ensures operator-level redundancy.
Field Description Default setting
Used SIM Select a connection mode from the drop-down list.
SIM 1 –
SIM card installed in the SIM 1 slot.
SIM 2 – Select this option to establish a cellular
SIM card installed in the SIM 2 slot.
Dual SIM – Select this option to set the system to automatically
establish a cellular connection using either SIM card. To ensure
optimum link quality and operator-level redundancy, enable the
GuaranLink feature.
SIM 1/2 PIN If provided, enter the PIN (4 digits) to unlock the SIM card.
Note: A SIM card becomes locked if you enter an incorrect PIN more
than three times.
SIM 1/2 band Select Auto to have the OnCell device automatically nego
the base station for the optimum cellular band frequency.
Select Manual to set the OnCell device to use the selected cellular
band frequency.
Note: The OnCell device does not establish a cellular connection if
your service provider does not support any of the bands you have
selected.
SIM 1/2 username
provider.
SIM 1/2 password
provider.
SIM 1/2 APN Your service provider may use access point network (APN)
information to provide different service levels.
If provided, enter the access point network (APN) information.
SIM 1
Auto
OnCell 3470A-LTE Web Console Configuration
3-8
ers who may try to
OnCell device along with its host name. The OnCell device uses the
Field Description Default setting
SIM 1/2
Authentication Type
Select Auto if you want the OnCell device to automatically select
either PAP or CHAP authentication method when setting up a data
session.
Select PAP (Password Authentication Protocol) to send user name
and password to the server and verify that the user name and
password match with the server database.
Select CHAP (Challenge-Handshake Authentication Protocol) if the
identifiers are changed frequently and if authentication can be
requested by the server at any time. CHAP provides more security
than PAP.
Note: This technique is vulnerable to eavesdropp
obtain the password by listening in on the serial line, and to
repeated trial and error attacks. If you select CHAP (Challenge
Handshake Authentication Protocol), the authenticator (i.e., the
server) sends a randomly generated “challenge”' string to the
host name to look up the appropriate secret, combines it with the
challenge, and encrypts the string using a one-way hashing
function.
Auto
GuaranLink
A number of factors can contribute to connection failures for cellular communications, including loss of cellular
signal, interference, and termination by the operator for unknown reasons. Moxa’s proprietary GuaranLink
feature, which is different from the basic heartbeat function, enables reliable connectivity with 4-tier intelligent
connection checks without sending excessive and costly cellular packets.
GuaranLink Recovery Process for Dual SIM Connections
The GuaranLink feature in OnCell G3470A-LTE automatically tries to re-establish a connection when a
connection failure occurs by performing one of the following actions depending on the number of SIM cards
enabled in the device:
• One SIM card: Resets the cellular module without rebooting the device to force negotiation between the
OnCell G3470A-LTE and the base station.
• Dual SIM cards: Resets the cellular module without rebooting the device and establishes a cellular
connection using the second SIM card account.
OnCell 3470A-LTE Web Console Configuration
3-9
LTE is to wait
for
GuaranLink Settings
In the navigation panel, click Network Settings GuaranLink Settings to display the configuration screen.
The following table describes the fields.
Field Description Default setting
GuaranLink Select Enable to activate the GuaranLink feature.
For operator-level redundancy, enable GuaranLink with Dual SIM
mode to set the OnCell G3470A-LTE to regularly check connection
quality and perform an automatic switchover in case a cellular
connection is down.
Select Disable to deactivate the GuaranLink feature.
Register to network
timeout
Data session retry
count
DNS/Ping remote
host 1/2
This field is used for ISP initial connection check.
Enter the time (10 – 600 minutes) the OnCell G3470A-
before terminating connection to an ISP and starts the GuaranLink
recovery process.
Enter the number of times (1 to 5; default is 3) the OnCell
G3470A-LTE is to request an IP address from the ISP.
If the OnCell G3470A-LTE fails to obtain an IP address after 3 tries
(default value), it starts the GuaranLink recovery process.
This field is used for cellular connection alive and packet-level
connection checks.
Enter the IP address or domain name of a remote host to ping or
DNS lookup test.
Disable
10
3
OnCell 3470A-LTE Web Console Configuration
3-10
registration process to a base station before the timeout specified in
LTE fails to register to the base station within
Depending on your ISP, cellular connection is terminated if there is
connection alive by performing a DNS lookup or remote host Ping if
r the number of retries specified in
LTE
using DNS lookup and remote host ping, regardless of any existing
If the connection check fails after the number of retries specified in
ield, the OnCell
LTE
LTE
Field Description Default setting
ISP initial
connection check
Cellular connection
alive check
Cellular connection
alive check interval
Cellular connection
alive check retry
count
Packet-level
connection check
Select Enable to set the OnCell G3470A-LTE to complete the
the Register to network timeout field.
If the OnCell G3470A-
the timeout period, it starts the GuaranLink recovery process.
Select Disable to allow the OnCell G3470A-LTE to wait until base
station registration is successful.
no active data transmission for a period of time.
Select Enable to set the OnCell G3470A-LTE to keep the cellular
no data is transmitted within the timeout period.
If the connection check fails afte
the Cellular connection alive retry count field, the OnCell
G3470A-LTE starts the GuaranLink recovery process.
Enter the time (between 1 to 600 minutes) the OnCell G3470A-
is to wait before performing a connection check.
Enter the number of times the OnCell G3470A-LTE is to try the
connection check in a 15-second time interval.
If the connection check fails, the OnCell G3470A-LTE starts the
GuaranLink recovery process.
Select Enable to check whether the cellular network is accessible
data transmission.
Disable
Disable
5
3
Disable
the Packet-level connection check retry count f
G3470A-LTE starts the GuaranLink recovery process.
Packet-level
connection check
action
Packet-level
connection check
interval
Packet-level
connection check
retry count
Transmission
connection check
Transmission
connection alive
check interval
Select one of the following options to determine if the connection
check is successful:
• DNS and Ping – Response from both the DNS server and
remote host.
• DNS or Ping – Response from either the DNS server or the
remote host.
Enter the time (between 1 to 600 minutes) the OnCell G3470A-
is to wait before performing a connection check.
Enter the number the OnCell G3470A-LTE is to try the connection
check in 15 seconds before re-establishing the connection.
If a remote system regularly monitors connection to the OnCell
G3470A-LTE, select Enable to set the OnCell G3470A-LTE to receive
polling information from the remote system at regular intervals.
If no polling information is received within the timeout period, the
OnCell G3470A-LTE starts the GuaranLink recovery process.
Enter the time (between 1 to 600 minutes) the OnCell G3470A-
is to wait for polling information from a remote system before
starting the GuaranLink recovery process.
DNS and Ping
5
3
Disable
5
OnCell 3470A-LTE Web Console Configuration
3-11
Auto IP Report Settings
In MDVPN (mobile data virtual private network) applications where service providers set up private VPNs for
enterprise customers, a cellular gateway must be assigned IP address that is visible to a remote host in a
central office. In cases where a service provider assigns dynamic IP addresses, you can configure the Auto IP
Report Settings screen to set the OnCell G3470A-LTE to regularly send its WAN IP address to a remote host.
The following table describes the fields.
Field Description Default setting
Auto IP report to
host
Report to UDP port Enter the listing port number on the remote host. 63100
Report period Enter the number of minutes the OnCell G3470A-LTE is to wait
The following figure shows the Auto IP report format.
Enter the IP address of a remote host to which the OnCell
G3470A-LTE is to send the WAN IP address information.
before sending WAN IP address information.
99
Auto IP Report Format
“Moxa”, 4 bytes Info[0] Info[1] ... Info[n]
Info [n]
Field ID Length Data
Length a 1 Variable, Length is “Length Field”
ID List
ID Value Description Length Note
1 Server Name Variable ASCII char
2 Hardware ID 2 Little-endian
3 MAC Address 6 6-byte MAC address. If the MAC address is
“00-90-E8-01-02-03” then MAC[0] is 0, MAC[1] is
0x90(hex), MAC[2] is 0xE8(hex), etc.
4 Serial Number 4, DWORD Little-endian
5 IP Address 4, DWORD Little-endian (LAN IP)
9 AP ID 4, DWORD Little-endian
10 IP Address2 4, DWORD Little-endian (WAN IP)
11 Signal Level 1 Unsigned char
12 RSSI 1 Unsigned char
AP ID & Hardware ID Mapping Table
AP ID Hardware ID Product
0x80005260 0x5061 5004-HSPA
0x80005260 0x5061 5104-HSPA
OnCell 3470A-LTE Web Console Configuration
3-12
respond to the packet within the time specified in
LTE will listen for another TCP connection from
TCP alive check
GPS Settings
You can activate the GPS module function under GPS Settings, and then enable GPS serial mode under Real
COM mode or Reverse Real COM mode. OnCell Central Manager provides the current location, including latitude
and altitude information.
Setting Description Factory Default
GPS Activate GPS module Disable
Enable Enable GPS Serial Mode Disable
Serial Operation mode Use OCM to get the location information under Real COM or
Reverse Real COM serial mode.
TCP alive check time This field specifies how long the OnCell G3470A-LTE will wait
for a response to “keep alive” packets before closing the TCP
connection. The OnCell G3470A-LTE checks the connection
status by sending periodic “keep alive” packets. If the remote
host does not
this field, the OnCell G3470A-LTE will force the existing TCP
connection to close. For socket and device control modes, the
OnCell G3470A-
another host after closing the connection. If
time is set to 0, the TCP connection will remain open but will
not send any “keep alive” packets.
Real COM
7 min
Oncell Central Manager Setting
For Oncell Central Manager settings, refer to the OnCell Central Manager User’s Manual, which can be
downloaded from www.moxa.com
.
Advanced Settings
Several advanced functions are available to increase the functionality of your OnCell G3470A-LTE and wireless
network system. The DHCP server helps you deploy wireless clients efficiently. Packet filters provide security
mechanisms, such as firewalls, in different network layers. Moreover, SNMP support can make network
management easier.
OnCell 3470A-LTE Web Console Configuration
3-13
econdary
Enter the number (between 1 and 999) of IP address to assign to
assigned IP address. The IP address expired after the lease time.
DHCP Server (for AP mode only)
DHCP (Dynamic Host Configuration Protocol) is a networking protocol that allows administrators to assign
temporary IP addresses to network computers by “leasing” an IP address to a user for a limited amount of time,
instead of assigning permanent IP addresses.
The OnCell G3470A-LTE can act as a DHCP server and assign IP addresses to your DHCP clients by responding
to DHCP requests from the clients. The IP-related parameters you set on this page will also be sent to the client.
You can also assign a static IP address to a specific client by entering its MAC address. The OnCell G3470A-LTE
provides a Static DHCP mapping list with up to 16 entities. Be reminded to check the Active check box for
each entity to activate the setting.
You can check the IP assignment status in the DHCP Client List screen (click Status > DHCP Client List).
The following table provides the field descriptions.
Field Description Default setting
DHCP server Select Enable to set the OnCell G3470A-LTE as a DHCP server.
Select Disable to set the OnCell G3470A-LTE as a DHCP client.
Default gateway Enter the IP address of the default gateway that connects to an
outside network.
Subnet mask Enter the subnet mask to specify the type of network for the DHCP
clients.
Primary/S
DNS server
Start IP address Enter the starting IP address in the IP address pool.
Maximum number
of users
Client lease time Enter the lease time (between 2 and 14400 minutes) for an
Enter the IP address of the primary or secondary DNS server.
After you specify a DNS server, you can access a web site by
entering its URL instead of the IP address.
DHCP clients.
Disable
OnCell 3470A-LTE Web Console Configuration
3-14
DDNS
If a DHCP server assigns an IP address to the OnCell G3470A-LTE, you can configure dynamic DNS (DDNS)
setting on the OnCell G3470A-LTE to allow remote servers to access the OnCell G3470A-LTE using its domain
name instead of IP address. For more information on DDNS, see Appendix C.
Click Advanced Settings > DDNS to display the configuration screen.
The following table provides the field descriptions.
Field Description Default setting
Enable Select Enable to activate the DDNS feature. Disable
Service provider Select an option from the drop-down list.
Host name Enter the host name you created with the service provider.
Username Enter the username for update authentication.
Password Enter the password for update authentication.
Packet Filters
The OnCell G3470A-LTE includes various filters for IP-based packets going through LAN and WLAN interfaces.
You can set these filters as a firewall to help enhance network security.
MAC Filter
The OnCell G3470A-LTE’s MAC filter is a policy-based filter that can allow or filter out IP-based packets with
specified MAC addresses. The OnCell G3470A-LTE provides 8 entities for setting MAC addresses in your filtering
policy. Remember to check the Active check box for each entity to activate the setting.
Field Description Default setting
Enable Select Enable to enable MAC filtering. Disable
Policy Select Accept to allow packets that meet the specified criteria.
Drop
Select Drop to deny packets that meet the specified criteria.
OnCell 3470A-LTE Web Console Configuration
3-15
ATTENTION
Be careful when you enable the filter function:
Drop
Accept
ATTENTION
Be careful when you enable the filter function:
Drop
Accept
+ “no entity on list is activated” = all packets are allowed
+ “no entity on list is activated” = all packets are denied
IP Protocol Filter
The OnCell G3470A-LTE’s IP protocol filter is a policy-based filter that can allow or filter out IP-based packets
with specified IP protocol and source/destination IP addresses.
The OnCell G3470A-LTE provides 8 entities for setting IP protocol and source/destination IP addresses in your
filtering policy. Four IP protocols are available: All, ICMP, TCP, and UDP. You must specify either the Source
IP or the Destination IP. By combining IP addresses and netmasks, you can specify a single IP address or a
range of IP addresses to accept or drop. For example, “IP address 192.168.1.1 and netmask 255.255.255.255”
refers to the sole IP address 192.168.1.1. “IP address 192.168.1.1 and netmask 255.255.255.0” refers to the
range of IP addresses from 192.168.1.1 to 192.168.255. Remember to check the Active check box for each
entity to activate the setting.
Field Description Default setting
Enable Select Enable to enable IP protocol filtering. Disable
Policy Select Accept to allow packets that meet the specified criteria.
Select Drop to deny packets that meet the specified criteria.
+ “no entity on list is activated” = all packets are allowed.
+ “no entity on list is activated” = all packets are denied.
Drop
TCP/UDP Port Filter
The OnCell G3470A-LTE’s TCP/UDP port filter is a policy-based filter that can allow or filter out TCP/UDP-based
packets with a specified source or destination port.
The OnCell G3470A-LTE provides 8 entities for setting the range of source/destination ports of a specific
protocol. In addition to selecting TCP or UDP protocol, you can set either the source port, destination port, or
both. The end port can be left empty if only a single port is specified. Of course, the end port cannot be larger
than the start port.
OnCell 3470A-LTE Web Console Configuration
3-16
ATTENTION
Be careful when you enable
Drop
Accept
The Application name is a text string that describes the corresponding entity with up to 31 characters.
Remember to check the Active check box for each entity to activate the setting.
Field Description Default setting
Enable Select Enable to enable TCP/UDP port filtering. Disable
Policy Select Accept to allow packets that meet the specified criteria.
Select Drop to deny packets that meet the specified criteria.
Drop
+ “no entity on list is activated” = all packets are allowed
+ “no entity on list is activated” = all packets are denied
SNMP Agent
The OnCell G3470A-LTE supports SNMP V1/V2c/V3. SNMP V1 and SNMP V2c use a community string match for
authentication, which means that SNMP servers access all objects with read-only or read/write permissions
using the community string public/private (default value). SNMP V3, which requires you to select an
authentication level of MD5 or SHA, is the most secure protocol. You can also enable data encryption to
enhance data security.
The OnCell G3470A-LTE’s MIB can be found in the software CD and supports reading the attributes via SNMP.
(Only get method is supported.)
SNMP security modes and security levels supported by the OnCell G3470A-LTE are shown in the following table.
Select the security mode and level that will be used to communicate between the SNMP agent and manager.
Protocol
Version
SNMP
V1, V2c
SNMP V3 No-Auth No No Use account with admin or user to access objects
Setting on
UI web
page
V1, V2c
Read
Community
V1, V2c
Write/Read
Community
MD5 or SHA Authentication
the filter function:
Authentication
Type
Community string No Use a community string match for
Community string No Use a community string match for
based on MD5 or
SHA
Data
Encryption
No Provides authentication based on HMAC-MD5, or
Method
authentication
authentication
HMAC-SHA algorithms. 8-character passwords
are the minimum requirement for
authentication.
OnCell 3470A-LTE Web Console Configuration
3-17
MD5 or
to use an administrator account to access objects
Protocol
Version
The following parameters can be configured on the SNMP Agent page.
Setting on
UI web
page
MD5 or SHA Authentication
Authentication
Type
based on MD5 or
SHA
Data
Encryption
Data
encryption
key
Method
Provides authentication based on HMAC-
HMAC-SHA algorithms, and data encryption key.
8-character passwords and a data encryption
key are the minimum requirements for
authentication and encryption.
Field Description Default setting
Enable Select Enable to activate SNMP agent. Disable
Remote
management
Read community Enter the community string or password (up to 31 characters
Write community Enter the community string or password (up to 31 characters
SNMP agent
version
Admin
authentication
type
Admin privacy type Select Disable for no data encryption.
Privacy key Enter the key (up to 63 characters) for data encryption.
Select Enable to allow remote management via SNMP agent. Disable
public
long) for an SMNP agent to access objects with read-only
permission.
private
long) for an SMNP agent to access objects with read-write
permission.
Select the SNMP protocol version used to manage the OnCell
G3470A-LTE.
Select No Auth
without authentication.
Select MD5 to authenticate using HMAC-MD5 algorithms where
the minimum requirement is to use an 8-character password.
Select SHA to authenticate using HMAC-SHA algorithms where
the minimum requirement is to use an 8-character password.
Select DES to use DES-based data encryption.
Select AES to use AES-based data encryption.
V1, V2c
No Auth
Disable
OnCell 3470A-LTE Web Console Configuration
3-18
NOTE
You can make LAN computers accessible from the Internet by enabling Virtual Server.
You can also configure port forwarding on the OnCell G3470A-LTE to redirect traffic to a specific port on a LAN
computer.
Make sure that the port number specified is not already used by
Field Description Default setting
Private MIB
information Device
object ID
The object ID (OID) is the enterprise value for the OnCell
G3470A-LTE. This value is not configurable.
Port Forwarding
You can configure port forwarding settings on the OnCell G3470A-LTE to redirect specific packets from a
remote host on the WAN to a server on the LAN. This feature hides the IP address of a local server and prevents
remote hosts from accessing the local server directly.
The OnCell G3470A-LTE filters out unrecognized packets to protect your LAN network when computers
connected to the OnCell G3470A-LTE are not visible to the WAN.
To access the Port Forwarding screen, click Advanced Settings Port Forwarding. The Oncell
G3470A-LTE supports a total of 32 port forwarding rules.
The following table includes the field descriptions.
Field Description Factory Default
Enable Select Enable to activate the port forwarding feature. Disable
Active Select this check box to activate the port forwarding entry.
Protocol Select an option from the drop-down list.
Public Port Enter the public port number.
OP modes.
Internal IP Enter the IP address of a LAN device to receive the redirected
traffic.
Internal Port Enter the port number on a LAN device to which to redirect
traffic.
OnCell 3470A-LTE Web Console Configuration
3-19
VPN
Computers that are part of a virtual private network (VPN) use a second, “virtual” IP address to connect to the
Internet. Instead of running across a single private network, some of the links between nodes that are part of
a VPN use open network connections or virtual circuits on a larger network, such as the Internet. With the help
of VPNs, cellular devices acting as a VPN client can initiate a connection with a VPN server. Once the connection
is established, cellular devices can communicate with other network devices on the same private network.
The following figure shows a network example.
OnCell G3470A-LTE VPN Feature Overview
• The OnCell G3470A-LTE IPSec provides security in a network with Gateway-to-gateway topology as
illustrated in the following figure.
• The OnCell G3470A-LTE initiates a VPN connection to a VPN Server.
• The OnCell G3470A-LTE IPSec operates in Tunnel mode with IPsec VPN tunnel.
Manual Key/ESP, IKE/PSK
DES/3DES/AES128 encryption
MD5/SHA1 authentication
• IPsec NAT traversal and PFS (Perfect Forwarding Secrecy).
OnCell 3470A-LTE Web Console Configuration
3-20
to activate the NAT traversal feature that allows
IPSec Settings
You can enable or disable the IPSec and NAT traversal functions and configure up to five VPN tunnels in the
IPSec Settings screen (click Advanced Settings > VPN > IPSec Settings).
The following table provides the field descriptions.
Field Description Factory Default
IPSec setting enable Select Enable to activate the IPSec feature. Disable
NAT Traversal Select Enable
IPSec traffic to traverse through NAT-enabled devices.
Make sure that the remote VPN device supports this feature.
Action Click Edit to configure a VPN tunnel.
Click Delete to remove the selected VPN tunnel.
Disable
OnCell 3470A-LTE Web Console Configuration
3-21
To configure a VPN tunnel,
click
Settings
Select this option to create a VPN tunnel for
tunnel between a static local subnet and a dynamic remote
to initiate
to
identify and authenticate
Enter an ID (IP/FQDN/User_FQDN) to identify and authenticate
Configuring a VPN Tunnel
Edit in the IPSec
screen.
The following table provides the field descriptions.
Field Description Factory Default
IPSec enable Select Enable to activate the VPN tunnel. Disable
Connection name Enter a descriptive name for the VPN tunnel.
Connection type Select one of the following connection types:
• Site-to-Site –
static local and remote subnets.
• Site-to-Site(any) – Select this option to create a VPN
subnet.
Startup mode Select Start in Initial to set the OnCell G3470A-LTE
a connection with the remote VPN gateway.
Select Wait for Connecting to set the OnCell G3470A-LTE
wait for a remote VPN gateway to initiate a connection.
Remote VPN gateway Enter the WAN IP address of the remote VPN gateway.
Local network Enter the remote VPN server subnet IP of the local network.
Local netmask Enter the remote VPN server subnet netmask of the local
network.
Local ID Enter an ID (IP/FQDN/User_FQDN) to
the local VPN gateway.
Remote network Enter the remote VPN server subnet IP of the remote network.
Remote netmask Enter the remote VPN server subnet netmask of the remote
network.
Remote ID
the remote VPN endpoint.
Site-to-Site
Start in Initial
OnCell 3470A-LTE Web Console Configuration
3-22
VPN ISAKMP
connecting to the remote gateway when the VPN tunnel is not
Lifetime. This is the period of time to pass before establishing a
for the Start to Rekey before IKE
margin of the Rekey expire time. 100% means the rekey expire
Lifetime. This is the period of time to pass before establishing a
LTE performs one of the following actions when
Field Description Factory Default
Key Exchange (Phase1)
Operation mode Select main mode or aggressive mode to configure the
standard negotiation parameters for IKE Phase 1 of the VPN
Tunnel.
Authentication mode Select Pre-shared key, RSA Signature or X.509
authentication mode to for phase 1 key exchange.
The configuration fields vary depending on the authentication
mode you select. For information on configuring each
authentication mode, refer to the following sections.
Encryption algorithm Select the DES, 3DES or AES128 algorithm for the
phase 1 encryption mode.
Hash algorithm Select the MD5 or SHA-1 VPN key exchange phase 1 hash
mode.
DH group Select the DH-2(1024) or DH-5(1536) VPN key exchange
phase 1 Diffie-Hellman group. As the Diffie-Hellman Group
number increases, the higher the level of encryption
implemented for PFS.
Negotiation time The number of allowed reconnect times when startup mode is
initiated. If the number is 0, this tunnel will always try
Main
Pre-shared key
DES
MD5
DH-2
0
created successfully.
IKE life time Enter the number of minutes for the VPN IKE SA phase 1
new IPSec security association (SA) with the remote endpoint.
Rekey expire time Enter the number of minutes
lifetime expired.
Rekey fuzz percent The rekey expire time will change randomly to enhance the
security. Rekey fuzz percent is the maximum random change
time will not change randomly.
Data Exchange (phase2)
Perfect forward secrecy Enable or disable the Perfect Forward Secrecy. PFS is an
additional security protocol.
SA life time Enter the number of seconds for the VPN ISAKMP phase 2
new IPSec security association (SA) with the remote endpoint.
Encryption algorithm Select the DES, 3DES, or AES128 algorithm for the VPN
ISAKMP phase 1 encryption mode.
Hash algorithm Select the MD5 or SHA-1 VPN ISAKMP phase 1 authentication
mode.
Dead Peer Detection
DPD action When you enable the Dead Peer Detection (DPD) feature, the
OnCell G3470A-
connection to a remote IPSec tunnel is down:
• Hold: Keep the VPN tunnel
• Clear: Clear the VPN tunnel
• Restart: Re-establish the VPN tunnel on Start in Initial
mode.
• Restart by Peer: Re-establish the VPN tunnel on Wait for
connecting mode.
DPD delay The period of dead peer detection messages. 30
DPD timeout Timeout to check if the connection is alive or not. 120
60
9
100%
Disable
480
DES
MD5
Disable
OnCell 3470A-LTE Web Console Configuration
3-23
Configuring Pre-shared Key Settings
To configure pre-shared key authentication mode in phase 1 key exchange, in the Tunnel settings screen,
select Pre-shared key from the Authentication mode drop-down list. Then, enter a key in the text field.
Make sure that you configure the same key on the OnCell G3470A-LTE and the remote VPN gateway.
Configuring RSA Signature Settings
To configure RSA signature settings, complete the following steps:
1. In the Tunnel Settings screen, select RSA Signature from the Authentication mode drop-down list.
2. Generate or import a local private key. Perform one of the following actions:
• Click Generate Local Private Key. The OnCell G3470A-LTE creates a private key and displays the key
information in the Local private key field.
• Click Import Local Private Key and select a key file to import. After the OnCell G3470A-LTE
successfully imports the selected key, the system displays the key information in the Local private key
field.
3. Generate or import a remote private key. Perform one of the following actions:
• Click Generate Remote Public Key. The OnCell G3470A-LTE creates a public key and displays the key
information in the Remote public key field.
• Click Import Remote Public Key and select a key file to import. After the OnCell G3470A-LTE
successfully imports the selected key, the system displays the key information in the Remote public
key field.
The following figure shows the certificate generation and certificate export/import example.
Device A Device B
1. Generate Root CA
2. Generate Local Certificate
3. Click PKCS#12 Export to export the local
certificate (local_CA_A.p12)
4. Click Certificate Export to export the
local certificate file (local_CA_A.pem)
5. Click VPN > X.509 >Local Certificate
Upload and import the local certificate
(local_CA_A.p12).
6. Click VPN > X.509 > Remote
Certificate Upload to import the remote
certificate (local_CA_B.pem).
1. Generate Root CA
2. Generate Local Certificate
3. Click PKCS#12 Export to export the
local certificate (local_CA_B.p12)
4. Click Certificate Export to export the
local certificate file (local_CA_B.pem)
5. Click VPN > X.509 >Local
Certificate Upload and import the
local certificate (local_CA_B.p12).
6. Click VPN > X.509 > Remote
Certificate Upload to import the
remote certificate (local_CA_A.pem).
OnCell 3470A-LTE Web Console Configuration
3-24
NOTE
Before you configure X.509 settings, make sure that you have imported local and remote certificates in the
Local/Remote Certificate Upload
Local/Remote Certificate Upload
X.509 Settings
screen (click Advanced Settings > VPN > X.509 Certificate >
).
In the Tunnel Settings screen, select X.509 from the Authentication mode drop-down list and select a
certificate from the Local certificate and Remote certificate drop-down lists.
Certificate Generation
X.509 is a digital certificate method commonly used for IPSec authentication. You can generate a self-signed
root CA or local certificate on the OnCell G3470A-LTE and import or export the certificate on a remote VPN
gateway.
To display the Certificate Generation screen, click Advanced Settings > VPN > X.509 Certificate >
Certificate Generation.
To generate a root CA certificate, complete the following steps:
1. In the Certificate Generation screen, enter information in the fields under Root Certificate Generation.
Field Description
Certificate days Enter the number of days the certificate is valid for.
Certificate password Enter a password to create a password-protected certificate.
Country name Enter the country.
State or province name Enter the state or the province.
Locality name Enter the city.
OnCell 3470A-LTE Web Console Configuration
3-25
NOTE
You can generate a local certificate in the
Field Description
Organization name Enter the name of the organization.
Organization unit name Enter the unit or section in the organization.
Common name Enter a name (such as a server name or your name).
Email address Enter an email address.
2. Click Generate Root CA.
After you have generated the root CA certificate, generate a local certificate and export the key files. Complete
the following steps:
1. In the Certificate Generation screen, enter information in the fields under Local Certificate Settings.
Field Description
Certificate days Enter the number of days the certificate is valid for.
Certificate password Enter a password to create a password-protected certificate.
Organization unit name Enter the unit or section in the organization.
Common name Enter a name (such as a server name or your name).
Email address Enter an email address.
2. Click Generate Local Certificate.
3. Click Certificate Export to export the public key file for the certificate that you import on a remote VPN
gateway.
4. Click PKCS#12 Export to export the private key file for local certificates on the OnCell G3470A-LTE. You
can import the local certificate in the Local Certificate Upload screen.
Local Certificate Upload
If you configure X.509 authentication mode for VPN tunnel setup, you must import a local certificate on the
OnCell G3470A-LTE.
You can add or delete a local certificate in the Local Certificate Upload screen.
1. Click Advanced Settings > VPN > X.509 Certificate > Local Certificate Upload.
2. In the PKCS#12 upload field, click Browse to select a local certificate.
3. In the Import password field, enter the certificate password.
4. Click Import.
Certificate Generation screen.
OnCell 3470A-LTE Web Console Configuration
3-26
D
shown in the following table. You
select the
enable
the
s. All default values
are enabled (checked). The log
system
events can be seen in
Log
Remote Certificate Upload
You can add or delete a certificate from the remote VPN gateway in the Remote Certificate Upload screen.
1. Click Advanced Settings > VPN > X.509 Certificate > Remote Certificate Upload.
2. In the Remote certificate upload field, click Browse to select a local certificate.
3. Click Import.
Auto Warning Settings
Since industrial-grade devices are often located at the endpoints of a system, these devices will not always
know what is happening elsewhere on the network. This means that these devices, including wireless APs or
clients, must provide system maintainers with real-time alarm messages. Even when system administrators
are out of the control room for an extended period, they can still be informed of the status of devices almost
instantaneously when exceptions occur.
In addition to logging these events, the OnCell G3470A-LTE supports different approaches to warn engineers
automatically, such as SNMP trap, e-mail, and relay output. It also supports two digital inputs to integrate
sensors into your system to automate alarms by email and relay output.
System Log
System Log Event Types
etail information for grouped events is
Enable log check box to
selected event type
Status > System
.
can
for
OnCell 3470A-LTE Web Console Configuration
3-27
is rebooted, such as when its settings are
The following table describes the types of system logs.
System-related events Event is triggered when…
System restart (warm start) The OnCell G3470A-LTE
changed (IP address, subnet mask, etc.).
Network-related events Event is triggered when…
LAN link on The LAN port is connected to a device or network.
LAN link off The port is disconnected (e.g., the cable is pulled out, or the
opposing device shuts down).
Client joined/ left
(for AP mode)
WLAN connected to AP
(for Client mode)
WLAN disconnected
(for Client mode)
Config-related events Event is triggered when…
Configuration Changed A configuration item has been changed.
Configuration file import via Web Console The configuration file is imported to the OnCell G3470A-LTE.
Console authentication failure An incorrect password is entered.
Firmware upgraded The OnCell G3470A-LTE’s firmware is updated.
Power events Event is triggered when…
Power 1/2 transition (On -> Off) The OnCell G3470A-LTE is powered down in PWR1/2.
Power 1/2 transition (Off -> On) The OnCell G3470A-LTE is powered via PWR1/2.
DI events Event is triggered when …
DI1/2 transition (On -> Off) Digital Input 1/2 is triggered by on to off transition.
DI1/2 transition (Off -> On) Digital Input 1/2 is triggered by off to on transition.
A wireless client is associated or disassociated.
The OnCell G3470A-LTE is associated with an AP.
The OnCell G3470A-LTE is disassociated from an AP.
Syslog
This function provides the event logs for the Syslog server. The function supports up to three configurable
Syslog servers and Syslog server UDP port numbers. When an event occurs, the event will be sent as a Syslog
UDP packet to the specified Syslog servers.
Syslog Event Types
Detail information for the grouped events is shown in the following table. You can the Enable log check box to
enable the selected event types. All default values are enabled (checked).
For information on the event types, refer to the System Log Event Types section.
OnCell 3470A-LTE Web Console Configuration
3-28
Syslog Server Settings
You can configure the parameters for your Syslog server on the Syslog Server Settings screen.
Field Description Factory Default
Syslog server 1/2/3 Enter the IP address of the 1st/ 2nd/ 3rd Syslog Server
Syslog port Enter the UDP port for the syslog server. 514
E-Mail
E-Mail Event Types
Select the Active checkbox to enable an event item. By default, all values are deactivated (unchecked).
OnCell 3470A-LTE Web Console Configuration
3-29
ATTENTION
Consult your Network Administrator or ISP for the proper mail server settings. The Auto warning function may
not work properly if it is not configured correctly. The OnCell G3470A
PLAIN, and CRAM
mail address or addresses to which the automatic
E-mail Server Settings
The E-mail server settings determine how e-mail warnings are sent for system and serial port events. You may
configure up to 4 e-mail addresses to receive automatic warnings.
-MD5 (RFC 2554).
Mail server
Setting Description Factory Default
Mail server This field is for your mail server’s domain name or IP address. . None
User name
Setting Description Factory Default
User name This field is for your mail server’s user name, if required. None
Password
Setting Description Factory Default
Password This field is for your mail server’s password, if required. None
From e-mail address
Setting Description Factory Default
From e-mail address This is the e-mail address from which automatic e-mail
warnings will be sent.
To e-mail address 1 to 4
Setting Description Factory Default
To e-mail address
1 to 4
This is the e-
e-mail warnings will be sent.
-LTE’s SMTP AUTH supports LOGIN,
None
None
OnCell 3470A-LTE Web Console Configuration
3-30
Relay
Relay Event Types
Select Active to enable the event types.
For information on the event types, refer to the System Log Event Types section.
Trap
Traps can be used to signal abnormal conditions (notifications) to a management station. This trap-driven
notification can make your network more efficient.
Because a management station usually takes care of a large number of devices that have a large number of
objects, it will be overloading for the management station to poll or send requests to query every object on
every device. It would be better if the managed device agent could notify the management station by sending
a message known as a trap for the event.
OnCell 3470A-LTE Web Console Configuration
3-31
Enter the community string or password (up to 31 characters) for
Trap Event Types
SNMP Trap Receiver Settings
SNMP traps are defined in SMIv1 MIBs (SNMPv1) and SMIv2 MIBs (SNMPv2c). The two styles are basically
equivalent, and it is possible to convert between the two. You can set the parameters for SNMP trap receivers
through the web page.
Field Description Default setting
Trap version Select the SNMP version for SNMP traps. V1
Trap server
IP/name
Trap community
Enter the IP address or domain name of the SNMP trap server.
authentication.
alert
OnCell 3470A-LTE Web Console Configuration
3-32
SMS
SMS Event Types
Select Active to enable the event types. For information on the event types, refer to the System Log Event
Types section.
SMS Alert Settings
You can set the OnCell G3470A-LTE to send SMS notifications to up to four phone numbers and select a
message encoding format in the SMS Alert Settings screen.
Field Description Factory Default
To phone number
1/2/3/4
Encode format Select an encoding format from the drop-down list.
Enter the phone numbers to which the OnCell G3470A-LTE
sends SMS notifications.
• Text ASCII (7 bits) – Encode SMS messages in 7-bit
format (160 bytes per packet).
Text ASCII (7 bits)
OnCell 3470A-LTE Web Console Configuration
3-33
Possible flags include:
U: route is up
D: route is down
G: use gateway
+: default gateway
T: static route
H: target is a host
Status
DNS Information
The DNS information screen displays the DNS server to which the OnCell G3470A-LTE is connected and the
DNS server information.
SIM Status
The SIM Status screen displays the current SIM card in use and the status of the SIM cards installed in the
OnCell G3470A-LTE.
Network Statistics
The Network Statistics screen displays information on each interface.
Routing Table
The Routing Table screen displays the list of routes the OnCell G3470A-LTE uses to send packets on each
interface.
OnCell 3470A-LTE Web Console Configuration
3-34
DHCP Client List (for AP mode only)
The DHCP Client List shows all the clients that require and have successfully received IP assignments. You can
click the Refresh button to refresh the list.
You can press Select all button to select all content in the list for further editing.
System Log
Triggered events are recorded in System Log. You can export the log contents to an available viewer by clicking
Export Log. You can use the Clear Log button to clear the log contents and the Refresh button to refresh the
log.
OnCell 3470A-LTE Web Console Configuration
3-35
Relay Status
The status of user-configurable events can be found under Relay Status.
If an event is triggered, the event is included on this list.
After you have addressed an event, click Acknowledge Event.
DI and Power Status
You can view the digital input (DI) and power input information in the DI and Power Status screen.
OnCell 3470A-LTE Web Console Configuration
3-36
VPN Log
The VPN Log screen displays VPN connection information.
VPN System log
The following table lists the system logs for the VPN feature. [VPN name] indicates the name of the VPN tunnel
you have created on the OnCell G3470A-LTE.
System log Description
[VPN name] mismatch of PSK Pre-shared key mismatch.
[VPN name] Phase 1 start VPN tunnel phase 1 start.
[VPN name] Phase 1 pass VPN tunnel phase 1 pass.
[VPN name] Phase 2 start VPN tunnel phase 2 start.
[VPN name] Phase 2 pass VPN tunnel phase 2 pass.
[VPN name] received Delete ISAKMP SA Remote VPN tunnel request to delete ISAKMP SA.
[VPN name] no Preshared Key Found No pre-shared key is found.
[VPN name] policy doesn't allow PRESHARED KEY The encryption algorithm does not allow pre-shared key.
[VPN name] policy doesn't allow RSASIG VPN encrypt algorithm does not allow RSA or X.509.
[VPN name] DPD timeout - declaring peer dead No response from a peer. PDP timeout.
[VPN name] DPD: Hold connection Clear the remote VPN SA and keep the peer routing table
status.
[VPN name] DPD: Clearing Connection Clear the remote VPN SA and peer routing table status.
[VPN name] DPD: Restarting Connection Renegotiate VPN SA immediately.
[VPN name] encrypt alg is different VPN encryption mismatch.
[VPN name] hash alg is different VPN hash mismatch.
[VPN name] DH group is different VPN Diffie-Hellman group mismatch.
[VPN name] Ignore initial Aggr message Ignore aggressive requests from a remote VPN gateway.
[VPN name] Maybe ID format error Invalid local or remote VPN ID format.
[VPN name] we require peer ID differ from peer
declares ID
[VPN name] no suitable connection for peer No corresponding VPN connection for a remote peer from
[VPN name] connect_fail_log:ip_port Fail to route VPN connection to [IP address].
[VPN name] send payload name Send “VPN INVALID_KEY_INFORMATION,
Remote ID mismatch.
the VPN responder.
OnCell 3470A-LTE Web Console Configuration
3-37
You can enable or
s to the
device
console
greater
access to the two secure consoles,
.
System log Description
INVALID_CERTIFICATE or….” to a remote VPN gateway.
[VPN name] receive payload name Receive “VPN INVALID_KEY_INFORMATION ,
INVALID_CERTIFICATE or …” from a remote VPN gateway.
Maintenance
Maintenance functions provide the administrator with tools to manage the OnCell G3470A-LTE and
wired/wireless networks.
Console Settings
disable access permission
through a LAN or WAN for the following
s: HTTP, HTTPS, Telnet, and SSH. For
security, we recommend only allowing
HTTPS and SSH.
Ping
Ping helps to diagnose the integrity of wired or wireless networks. By inputting a node’s IP address in the
Destination field, you can use the ping command to make sure it exists and whether or not the access path
is available.
If the node and access path are available, you will see that all packets were successfully transmitted with no
loss. Otherwise, some, or even all, packets may get lost, as shown in the following figure.
OnCell 3470A-LTE Web Console Configuration
3-38
ATTENTION
Please make sure the power source is stable when you
firmware. An unexpected power breakup
may damage your OnCell G3470
Firmware Upgrade
The OnCell G3470A-LTE can be enhanced with more value-added functions by installing firmware upgrades.
The latest firmware is available at Moxa’s download center.
Before running a firmware upgrade, make sure the OnCell G3470A-LTE is off-line. Click the Browse button to
specify the firmware image file and click Firmware Upgrade and Restart to start the firmware upgrade. After
the progress bar reaches 100%, the OnCell G3470A-LTE will reboot itself.
When upgrading your firmware, the OnCell G3470A-LTE’s other functions are forbidden.
Config Import Export
You can use the Config Import Export screen to back up or restore the following information:
• Configuration settings on the OnCell G3470A-LTE
• ABC-01 configuration
• MIB
In the Config Import section, click Choose File to select a configuration file and click Config Import button
to begin importing configuration.
To save the configuration file to a storage media, click Config Export. The configuration file is a text file and
you can view and edit it with a general text-editing tool.
For MIBs, click MIB Export to save the MIB file to a storage media. The configuration file is a .my file and you
can import it with a general SNMP tool to remote control or set OnCell G3470A-LTE.
upgrade your
A-LTE.
OnCell 3470A-LTE Web Console Configuration
3-39
To download the configuration to the OnCell G3470A-LTE, complete the following steps:
1. Turn off the OnCell G3470A-LTE.
2. Connect ABC-01 to the OnCell G3470A-LTE’s RS-232 console.
3. Turn on the OnCell G3470A-LTE.
4. The OnCell G3470A-LTE detects ABC-01 during the boot up process and automatically downloads the
configuration from ABC-01. After the configuration is downloaded and if the configuration format is correct,
the OnCell G3470A-LTE emits three short beeps before continuing the boot up process.
5. After the boot up process is complete, the OnCell G3470A-LTE emits two beeps, and the Ready LED turns
solid green.
Load Factory Default
Use this function to reset the OnCell G3470A-LTE and roll all settings back to the factory default values. You can
also reset the hardware by pressing the reset button on the top panel of the OnCell G3470A-LTE.
Password
You can change the administration password for each of the OnCell G3470A-LTE’s console managers by using
the Password function. Before you set up a new password, you must input the current password and reenter
the new password for confirmation. For your security, do not use the default password root, and remember to
change the administration password regularly.
Misc. Settings
Additional settings to help you manage your OnCell G3470A-LTE, are available on this page.
OnCell 3470A-LTE Web Console Configuration
3-40
Select one of the following Reset button options:
• Always enable–Set the reset button to perform a factory restore on the OnCell G3470A-LTE. This is the
default option.
• Disable ‘restore to default function’ after 60 sec–Deactivate the factory reset function of the reset
button 60 seconds after the OnCell G3470A-LTE restarts.
Manual SMS
The manual SMS feature allows you to send text messages through the web console.
In the Manual SMS screen, enter the phone number of the SMS recipient and the message content of your
message; then click
After the SMS is sent, the screen displays the following information:
• The entry number
• The time the message was sent
• The destination phone number
• Whether the SMS was successfully sent
Send to send the text message.
Remote SMS Control
In cases where the OnCell G3470A-LTE is installed in a location with limited GPRS service, you can use the
remote SMS control feature to get the current status of the OnCell G3470A-LTE or restart the OnCell
G3470A-LTE.
The Command field in the Remote SMS Control screen shows the SMS message format.
OnCell 3470A-LTE Web Console Configuration
3-41
Field Description Default setting
Remote SMS
Control
Password Enter a password (4 to 16 characters).
Auth type To restrict access to the OnCell G3470A-LTE, select the Caller ID
Caller ID If you use the caller ID authentication type, enter the caller ID
Action Select this check box to perform the SMS control action.
Acknowledge Select this check box to send a reply to the SMS sender with an SMS
For example, if you enter “12345” for the password and send an SMS message with the content of
“@12345@cell.report” to the OnCell G3470A-LTE, the OnCell G3470A-LTE sends an SMS message with the
current status to the sender.
Select Enable to activate the remote SMS control feature. Disable
None
authentication type.
number that can send SMS messages to control the OnCell
G3470A-LTE.
message after the operation is completed.
Save Configuration
The following figure shows how the OnCell G3470A-LTE stores the setting changes into volatile and non-volatile
memory. All data stored in volatile memory will disappear when the OnCell G3470A-LTE is shutdown or
rebooted unless they are y. Because the OnCell G3470A-LTE starts up and initializes with the settings stored in
flash memory, all new changes must be saved to flash memory before restarting the OnCell G3470A-LTE.
This also means the new changes will not work unless you run either the Save Configuration function or the
Restart function.
After you click on Save Configuration in the left menu box, the following screen will appear. Click Save if you
wish to update the configuration settings in the flash memory at this time. Alternatively, you may choose to run
other functions and put off saving the configuration until later. However, the new setting changes will remain
in the non-volatile memory until you save the configurations.
OnCell 3470A-LTE Web Console Configuration
3-42
Restart
If you submitted configuration changes, you will find a blinking string in the upper right corner of the screen.
After making all your changes, click the Restart function in the left menu box. One of two different screens will
appear.
If you made changes recently but did not save, you will be given two options. Clicking the Restart button here
will reboot the OnCell G3470A-LTE directly, and all setting changes will be ignored. Clicking the Save and
Restart button will apply all setting changes and then reboot the OnCell G3470A-LTE.
If you run the Restart function without changing any configurations or saving all your changes, you will see
just one Restart button on your screen.
You will not be able to run any of the OnCell G3470A-LTE’s functions while the system is rebooting.
Logout
Logout helps users disconnect the current HTTP or HTTPS session and go to the Login page. For security
reasons, we recommend you logout before quitting the console manager.
4. Software Installation and Configuration
The following topics are covered in this chapter:
Overview
Wireless Search Utility
Installing the Wireless Search Utility
Configuring the Wireless Search Utility
4
OnCell 3470A-LTE Software Installation and Configuration
4-2
Overview
The Documentation & Software CD included with your OnCell G3470A-LTE is designed to make the installation
and configuration procedure easy and straightforward. This auto-run CD includes the Wireless Search Utility (to
broadcast search for all OnCell G3470A-LTE units accessible over the network), the OnCell G3470A-LTE User’s
Manual, and Quick Installation Guide.
Wireless Search Utility
Installing the Wireless Search Utility
Click INSTALL UTILITY in the OnCell Installation CD auto-run window to install the Wireless Search Utility.
Once the program starts running, click Yes to proceed.
1. Click Next when the Welcome screen opens to proceed with the installation.
OnCell 3470A-LTE Software Installation and Configuration
4-3
2. Click Next to install program files to the default directory, or click Browse to select an alternate location.
3. Click Next to create the program’s shortcut files to the default directory, or click Browse to select an
alternate location.
OnCell 3470A-LTE Software Installation and Configuration
4-4
4. Click Next to select additional tasks.
5. Click Next to proceed with the installation. The installer then displays a summary of the installation options.
6. Click Install to begin the installation. The setup window will report the progress of the installation. To
change the installation settings, click Back and navigate to the previous screen.
OnCell 3470A-LTE Software Installation and Configuration
4-5
7. Click Finish to complete the installation of the Wireless Search Utility.
Configuring the Wireless Search Utility
The Broadcast Search function is used to locate all OnCell G3470A-LTE APs that are connected to the same LAN
as your computer. After locating an OnCell G3470A-LTE, you will be able to change its IP address. Since the
Broadcast Search function searches by TCP packet and not IP address.
1. Start the Wireless Search Utility program.
If this is the first time you start the program, you are prompted to set the password (must be longer than
four characters).
2. In the Wireless Search Utility screen, choose one of the following options and click OK.
• Device search only–Search for OnCell G3470A-LTE units and to view each OnCell G3470A-LTE’s
configuration.
• Device management–Assign IP addresses, upgrade firmware, and locate devices.
OnCell 3470A-LTE Software Installation and Configuration
4-6
3. Click Search.
4. The “Searching” window indicates the progress of the search. When the search is complete, all devices that
were located will be displayed in the Wireless Search Utility window.
OnCell 3470A-LTE Software Installation and Configuration
4-7
5. Click Locate to cause the selected device to beep.
6. Make sure that your device is unlocked before using the search utility’s icons setting. The device will unlock
automatically if the password is set to the default. Otherwise you must enter the new password manually.
7. Go to Tools > Device login Options to manage and unlock additional AWKs.
OnCell 3470A-LTE Software Installation and Configuration
4-8
8. Use the scroll down list to select the MAC addresses of the devices that you want to manage, and then click
Add. Key in the password for the device and then click OK to save. If you return to the search page and
search for the device again, you will find that the device will unlock automatically.
To modify the configuration of the highlighted device, click the Web icon to open the web console. This will take
you to the web console, where you can make all configuration changes. Refer to Chapter 3, “Using the Web
Console,” for information on how to use the web console.
Click Telnet if you would like to use telnet to configure your devices.
OnCell 3470A-LTE Software Installation and Configuration
4-9
Click Assign IP to change the IP setting.
The three advanced options—Search, Connection, and Miscellaneous—are explained below:
Search
• Retry count (default=5): Indicates how many times the search will be retried automatically.
• Retry interval (ms): The time to wait between retries.
Connection
• Connection timeout (secs): Use this option to set the waiting time for the Default Login, Locate,
Assign IP, Upload Firmware, and Unlock to complete.
• Upgrade timeout (secs): Use this option to set the waiting time for the connection to disconnect while the
firmware is upgrading. Use this option to set the waiting time for the Firmware to write to flash.
• Protocol timeout (msec): Use this option to set the waiting time for package round trip while sending out
comments . If no response within 200 msec will recognize connection failed.
OnCell 3470A-LTE Software Installation and Configuration
4-10
Misc.
Search on start: Checkmark this box if you would like the search function to start searching for devices after
you log in to the Wireless Search Utility.
A
A. Supporting Information
This chapter presents additional information about this product. You can also learn how to contact Moxa for
technical support.
The following topics are covered in this appendix:
Firmware Recovery
DoC (Declaration of Conformity)
Federal Communication Commission Interference Statement
R&TTE Compliance Statement
OnCell 3470A-LTE Supporting Information
A-2
Firmware Recovery
When the Ready, FAULT, Signal Strength, 4G, 3G, 2G, and GPS LEDs turn on simultaneously and blink at
one-second interval, it means the system booting has failed. It may result from some wrong operation or
uncontrollable issues, such as an unexpected shutdown during firmware update. The OnCell G3470A-LTE is
designed to help administrators recover such damage and resume system operation rapidly. You can refer to
the following instructions to recover the firmware:
Connect to the OnCell G3470A-LTE’s RS-232 console with 115200bps and N-8-1. You will see the following
message shown on the terminal emulator every one second.
Take the following steps for the firmware recovery:
1. Change the IP address of the laptop to 192.168.127.1.
2. Set up a TFTP sever in your laptop.
3. Download OnCell G3470A-LTE's firmware from Moxa Website
4. Change firmware file name to g3470.rom
5. Connect to the OnCell G3470A-LTE's RJ45 Ethernet port
If setting is correct, you will see the following message shown on the terminal emulator, and the OnCell
G3470A-LTE will reboot when the firmware recovery process has been finished.
Trying eth0
Using eth0 device
TFTP from server 192.168.127.1; our IP address is 192.168.127.254
Filename 'g3470.rom'.
Load address: 0x80060000
Loading:
*#################################################################
#################################################################
#################################################################
OnCell 3470A-LTE Supporting Information
A-3
DoC (Declaration of Conformity)
Federal Communication Commission Interference Statement
This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part
15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in
a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not
installed and used in accordance with the instructions, may cause harmful interference to radio
communications. However, there is no guarantee that interference will not occur in a particular installation. If
this equipment does cause harmful interference to radio or television reception, which can be determined by
turning the equipment off and on, the user is encouraged to try to correct the interference by one of the
following measures:
• Reorient or relocate the receiving antenna.
• Increase the separation between the equipment and receiver.
• Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
• Consult the dealer or an experienced radio/TV technician for help.
FCC Caution: To assure continued compliance, (example – use only shielded interface cables when connecting
to computer or peripheral devices). Any changes or modifications not expressly approved by the party
responsible for compliance could void the user’s authority to operate this equipment. This transmitter must not
be co-located or operated in conjunction with any other antenna or transmitter.
FCC Radiation Exposure Statement
This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This
equipment should be installed and operated with a minimum distance of 20 cm between the radiator & your
body.
This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This
device may not cause harmful interference, and (2) this device must accept any interference received,
including interference that may cause undesired operation.
FCC 15.407(e): Within the 5.15-5.25 GHz band, U-NII devices will be restricted to indoor operations to reduce
any potential for harmful interference to co-channel MSS operations.
OnCell 3470A-LTE Supporting Information
A-4
R&TTE Compliance Statement
Moxa declares that the apparatus OnCell G3470A-LTE complies with the essential requirements and other
relevant provisions of Directive 1999/5/EC.
This equipment complies with all the requirements of DIRECTIVE 1999/5/CE OF THE EUROPEAN PARLIAMENT
AND THE COUNCIL OF 9 March 1999 on radio equipment and telecommunication terminal equipment and the
mutual recognition of their conformity (R&TTE).
The R&TTE Directive repeals and replaces in the directive 98/13/EEC (Telecommunications Terminal
Equipment and Satellite Earth Station Equipment) as of April 8, 2000.
Safety
This equipment is designed with the utmost care for the safety of those who install and use it. However, special
attention must be paid to the dangers of electric shock and static electricity when working with electrical
equipment. All guidelines of this and of the computer manufacturer must therefore be allowed at all times to
ensure the safe use of the equipment.
EU Countries Intended for Use
The ETSI version of this device is intended for home and office use in Austria, Belgium, Denmark, Finland,
France (with Frequency channel restrictions), Germany, Greece, Ireland, Italy, Luxembourg, Portugal, Spain,
Sweden, The Netherlands, and United Kingdom.
The ETSI version of this device is also authorized for use in EFTA member states Norway and Switzerland.
EU Countries Not Intended for Use
None.
Potential Restrictive Use
France: only channels 10, 11, 12, and 13.
B
B. Dynamic Domain Name Server
This appendix explains how to use the OnCell G3470A-LTE with DDNS. When the OnCell G3470A-LTE receive
its IP address from a DHCP (Dynamic Host Configuration Protocol) server, remote servers will be unable to
access it using a fixed IP address. With DDNS (Dynamic Domain Name Server), a remote server can access the
OnCell G3470A-LTE using its domain name instead of its IP address.
The following is a summary of the process:
1. The OnCell G3470A-LTE sends a request for an IP address to the DHCP server. At the same time, it notifies
the DHCP server of its desired server name (“OC3100” in the illustration) according to the option 12
standard.
2. The DHCP server replies with the IP address that is assigned to the OnCell G3470A-LTE, along with the
domain name (“moxa.com” in the illustration) and the IP addresses for the DNS server and gateway.
3. If the OnCell G3470A-LTE has authorization to update the DNS server, it will register its FQDN (Fully
Qualified Domain Name) with the DNS server. The OnCell G3470A-LTE’s FQDN will be in the format server
name.domain name (“OC3100.moxa.com” in the illustration).
4. If the OnCell G3470A-LTE is not authorized to update the DNS server, the DHCP server can be used to
update the DNS server. The DHCP server will register the DNS server with the PTR RR (the record of request
for a domain name with IP address).
OnCell 3470A-LTE Dynamic Domain Name Server
B-2
The above screenshot shows how DHCP can be set up to update the DNS.
C
C. Well-Known Port Numbers
In this appendix, we provide a list of port numbers that may cause network problems if you set the OnCell
G3470A-LTE to one of these ports. Refer to RFC 1700 standards for a list of well-known port numbers or to the
following introduction from the IANA:
The port numbers are divided into three ranges: the Well Known Ports, the Registered Ports, and the Dynamic
and/or Private Ports.
The Well Known Ports range from 0 through 1023.
The Registered Ports range from 1024 through 49151.
The Dynamic and/or Private Ports range from 49152 through 65535.
The Well Known Ports are assigned by the IANA, and on most systems, can only be used by system processes
or by programs executed by privileged users. The following table shows famous port numbers among the listed
well-known port numbers. For more details, please visit the IANA website at
http://www.iana.org/assignments/port-numbers
TCP Socket Application Service
0 Reserved
1 TCP Port Service Multiplexer
2 Management Utility
7 Echo
9 Discard
11 Active Users (systat)
13 Daytime
15 Netstat
20 FTP data port
21 FTP control port
23 Telnet
25 SMTP (Simple Mail Transfer Protocol)
37 Time (Time Server)
42 Host name server (names server)
43 Whois (nickname)
49 Login Host Protocol (login)
53 Domain Name Server (domain)
79 Finger protocol (finger)
80 World Wide Web (HTTP)
119 Network News Transfer Protocol (NNTP)
123 Network Time Protocol
213 IPX
160 to 223 Reserved for future use
.
OnCell 3470A-LTE Well-Known Port Numbers
C-2
UDP Socket Application Service
0 Reserved
2 Management Utility
7 Echo
9 Discard
11 Active Users (systat)
13 Daytime
35 Any private printer server
39 Resource Location Protocol
42 Host name server (names server)
43 Whois (nickname)
49 Login Host Protocol (login)
53 Domain Name Server (domain)
69 Trivial Transfer Protocol (TETP)
70 Gopher Protocol
79 Finger Protocol
80 World Wide Web (HTTP)
107 Remote Telnet Service
111 Sun Remote Procedure Call (Sunrpc)
119 Network News Transfer Protocol (NNTP)
123 Network Time Protocol (NTP)
161 SNMP (Simple Network Mail Protocol)
162 SNMP Traps
213 IPX (used for IP Tunneling)
Loading...