virtual access GW1032, GW1042, GW1032M, GW1042M, GW2021 User Manual

...

Issue:

1.9

Date:

27 March 2017

GW1000 Series User Manual

GW1000 Series Router

GW1000M Series Router

_______________________________________________________________________________________________________

Table of Contents

1 Introduction ................................................................................................. 9

1.1 Document scope ....................................................................................... 9

1.2 Using this documentation ........................................................................... 9

2 GW1000 Series hardware ........................................................................... 12

2.1 Hardware model varients ......................................................................... 12

2.2 GW1000 Series hardware features ............................................................ 13

2.3 GSM technology ...................................................................................... 13

2.4 WiFi technology ...................................................................................... 13

2.5 Power supply .......................................................................................... 14

2.6 GW1000 Series router dimensions............................................................. 14

2.7 GW1000M Series router dimensions .......................................................... 14

2.8 Compliance ............................................................................................ 14

2.9 Operating temperature range ................................................................... 15

2.10 Antenna ................................................................................................. 15

2.11 Components ........................................................................................... 16

2.12 Inserting a SIM card ................................................................................ 17

2.13 Connecting the SIM lock .......................................................................... 17

2.14 Connecting cables ................................................................................... 17

2.15 Connecting the antenna ........................................................................... 17

2.16 Powering up ........................................................................................... 17

2.17 Reset button .......................................................................................... 18

3 GW1000 and GW1000M Series LED behaviour ............................................ 19

3.1 Main LED behaviour................................................................................. 19

3.2 GW1000 and GW1000M Series Ethernet port LED behaviour ........................ 20

4 Installing a router into a vehicle ................................................................. 21

4.1 Installing a router into a vehicle using a non-fused power cable .................... 21

4.2 Installing a router into a vehicle using a fused power cable .......................... 22

5 Factory configuration extraction from SIM card ......................................... 23

6 Accessing the router ................................................................................... 24

6.1 Configuration packages used .................................................................... 24

6.2 Accessing the router over Ethernet using the web interface .......................... 24

6.3 Accessing the router over Ethernet using an SSH client ............................... 25

6.4 Accessing the router over Ethernet using a Telnet client .............................. 26

6.5 Configuring the password ......................................................................... 26

6.6 Configuring the password using the web interface ....................................... 26

6.7 Configuring the password using UCI .......................................................... 27

6.8 Configuring the password using package options......................................... 27

6.9 Accessing the device using RADIUS authentication ...................................... 28

6.10 Accessing the device using TACACS+ authentication ................................... 29

6.11 SSH ...................................................................................................... 32

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 2 of 350

_______________________________________________________________________________________________________

Table of Contents

6.12 Package dropbear using UCI ..................................................................... 34

6.13 Certs and private keys ............................................................................. 35

6.14 Configuring a router’s web server ............................................................. 36

6.15 Basic authentication (httpd conf) .............................................................. 41

6.16 Securing uhttpd ...................................................................................... 42

7 Configuring Dynamic DNS ........................................................................... 43

7.1 Overview ............................................................................................... 43

7.2 Configuration packages used .................................................................... 43

7.3 Configuring Dynamic DNS using the web interface ...................................... 43

7.4 Dynamic DNS using UCI........................................................................... 45

8 System settings .......................................................................................... 47

8.1 Configuration package used ..................................................................... 47

8.2 Configuring system properties .................................................................. 47

8.3 System settings using UCI ....................................................................... 51

8.4 System diagnostics ................................................................................. 52

9 Upgrading router firmware ......................................................................... 54

9.1 Software versions ................................................................................... 54

9.2 Upgrading firmware using CLI .................................................................. 60

10 Router file structure ................................................................................... 63

10.1 System information ................................................................................. 63

10.2 Identify your software version .................................................................. 64

10.3 Image files ............................................................................................. 65

10.4 Directory locations for UCI configuration files ............................................. 65

10.5 Viewing and changing current configuration ............................................... 65

10.6 Configuration file syntax .......................................................................... 66

10.7 Managing configurations .......................................................................... 66

10.8 Exporting a configuration file .................................................................... 67

10.9 Importing a configuration file ................................................................... 68

11 Using the Command Line Interface ............................................................. 72

11.1 Overview of some common commands ...................................................... 72

11.2 Using Unified Configuration Interface (UCI) ................................................ 75

11.3 Configuration files ................................................................................... 80

11.4 Configuration file syntax .......................................................................... 80

12 Management configuration settings ........................................................... 82

12.1 Activator ................................................................................................ 82

12.2 Monitor .................................................................................................. 82

12.3 Configuration packages used .................................................................... 82

12.4 Autoload: boot up activation ..................................................................... 83

12.5 Autoload packages .................................................................................. 83

12.6 Autoload using UCI ................................................................................. 86

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 3 of 350

_______________________________________________________________________________________________________

Table of Contents

12.7 HTTP Client: configuring activation using the web interface .......................... 87

12.8 Httpclient: Activator configuration using UCI .............................................. 89

12.9 Httpclient: Activator configuration using package options ............................. 90

12.10 User management using UCI ................................................................. 91

12.11 Configuring the management user password using UCI ............................. 92

12.12 Configuring management user password using package options ................. 92

12.13 User management using UCI ................................................................. 93

12.14 User management using package options ............................................... 93

12.15 Configuring user access to specific web pages ......................................... 94

13 Configuring an Ethernet interface on a GW1000 router .............................. 95

13.1 Configuration packages used .................................................................... 95

13.2 Configuring an Ethernet interface using the web interface ............................ 95

13.3 Interface overview: editing an existing interface ......................................... 96

13.4 Configuring an Ethernet interface using UCI ............................................. 104

13.5 Interface diagnostics ............................................................................. 107

14 Configuring ignition sense ........................................................................ 109

14.1 Configuration packages used .................................................................. 109

14.2 Configuring vapowermond using the web interface .................................... 109

14.3 Configuring vapowermond using the command line ................................... 111

14.4 Ignition sense diagnositcs ...................................................................... 112

15 Configuring DHCP server and DNS (Dnsmasq) .......................................... 113

15.1 Configuration package used ................................................................... 113

15.2 Configuring DHCP and DNS using the web interface .................................. 113

15.3 Configuring DHCP and DNS using UCI ...................................................... 121

15.4 Configuring DHCP pools using UCI ........................................................... 123

15.5 Configuring static leases using UCI .......................................................... 124

16 Configuring VLAN ..................................................................................... 125

16.1 Maximum number of VLANs supported .................................................... 125

16.2 Configuration package used ................................................................... 125

16.3 Configuring VLAN using the web interface ................................................ 125

16.4 Viewing VLAN interface settings .............................................................. 128

16.5 Configuring VLAN using the UCI interface ................................................. 129

17 QoS: type of service .................................................................................. 130

17.1 QoS configuration overview .................................................................... 130

17.2 Configuration packages used .................................................................. 130

17.3 Configuring QoS using the web interface .................................................. 130

17.4 Configuring QoS using UCI ..................................................................... 132

17.5 Example QoS configurations ................................................................... 135

18 QoS: VLAN 802.1Q PCP tagging ................................................................ 136

18.1 Configuring VLAN PCP tagging ................................................................ 136

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 4 of 350

_______________________________________________________________________________________________________

Table of Contents

19 Configuring static routes .......................................................................... 139

19.1 Configuration package used ................................................................... 139

19.2 Configuring static routes using the web interface ...................................... 139

19.3 Configuring IPv6 routes using the web interface ....................................... 140

19.4 Configuring routes using command line ................................................... 140

19.5 IPv4 routes using UCI ............................................................................ 141

19.6 IPv4 routes using package options .......................................................... 142

19.7 IPv6 routes using UCI ............................................................................ 142

19.8 IPv6 routes using packages options ......................................................... 142

19.9 Static routes diagnostics ........................................................................ 143

20 Configuring BGP (Border Gateway Protocol) ............................................ 144

20.1 Configuration package used ................................................................... 144

20.2 Configuring BGP using the web interface .................................................. 144

20.3 Configuring BGP using UCI ..................................................................... 147

20.4 Configuring BGP using packages options .................................................. 148

20.5 View routes statistics ............................................................................. 149

21 Configuring a WiFi connection .................................................................. 150

21.1 Configuration packages used .................................................................. 150

21.2 Configuring a WiFi interface using the web interface .................................. 150

21.3 Configuring WiFi in AP mode ................................................................... 156

21.4 Configuring WiFi using UCI ..................................................................... 158

21.5 Creating a WiFi in Client mode using the web interface .............................. 161

21.6 Configuring WiFi in Client mode using command line ................................. 162

22 Configuring a mobile connection .............................................................. 164

22.1 Configuration package used ................................................................... 164

22.2 Configuring a mobile connection using the web interface ............................ 164

22.3 Configuring a mobile connection using CLI ............................................... 170

22.4 Diagnositcs .......................................................................................... 171

23 Configuring mobile manager..................................................................... 173

23.1 Configuration package used ................................................................... 173

23.2 Configuring mobile manager using the web interface ................................. 173

23.3 Configuring mobile manager using UCI .................................................... 176

23.4 Configuring a roaming interface template via the web interface .................. 177

23.5 Monitoring SMS .................................................................................... 177

23.6 Sending SMS from the router ................................................................. 178

23.7 Sending SMS to the router ..................................................................... 178

24 Configuring Multi-WAN ............................................................................. 179

24.1 Configuration package used ................................................................... 179

24.2 Configuring Multi-WAN using the web interface ......................................... 179

24.3 Multi-WAN traffic rules ........................................................................... 184

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 5 of 350

_______________________________________________________________________________________________________

Table of Contents

24.4 Configuring Multi-WAN using UCI ............................................................ 184

24.5 Multi-WAN diagnostics ........................................................................... 185

25 Automatic operator selection .................................................................... 188

25.1 Configuration package used ................................................................... 188

25.2 Configuring automatic operator selection via the web interface ................... 188

25.3 Configuring via UCI ............................................................................... 208

25.4 Configuring no PMP + roaming using UCI ................................................. 212

25.5 Automatic operator selection diagnostics via the web interface ................... 214

25.6 Automatic operator selection diagnostics via UCI ...................................... 216

26 Configuring IPSec ..................................................................................... 219

26.1 Configuration package used ................................................................... 219

26.2 Configuring IPSec using the web interface ................................................ 219

26.3 Configuring IPSec using UCI ................................................................... 227

26.4 Configuring an IPSec template for DMVPN via the web interface ................. 231

26.5 Configuring an IPSec template to use with DMVPN .................................... 239

26.6 IPSec diagnostics using the web interface ................................................ 241

26.7 IPSec diagnostics using UCI ................................................................... 241

27 Configuring firewall .................................................................................. 242

27.1 Configuration package used ................................................................... 242

27.2 Configuring firewall using the web interface ............................................. 242

27.3 Configuring firewall using UCI ................................................................. 254

27.4 IPv6 notes ........................................................................................... 256

27.5 Implications of DROP vs. REJECT ............................................................ 256

27.6 Connection tracking .............................................................................. 257

27.7 Firewall examples ................................................................................. 257

28 Configuring SNMP ..................................................................................... 265

28.1 Configuration package used ................................................................... 265

28.2 Configuring SMNP using the web interface................................................ 265

28.3 Configuring SNMP using command line .................................................... 270

29 Configuring VRRP ..................................................................................... 277

29.1 Overview ............................................................................................. 277

29.2 Configuration package used ................................................................... 277

29.3 Configuring VRRP using the web interface ................................................ 277

29.4 Configuring VRRP using UCI ................................................................... 279

30 Dynamic Multipoint Virtual Private Network (DMVPN) ............................. 281

30.1 Prerequisites for configuring DMVPN ........................................................ 281

30.2 Advantages of using DMVPN ................................................................... 281

30.3 DMVPN scenarios .................................................................................. 282

30.4 Configuration packages used .................................................................. 284

30.5 Configuring DMVPN using the web interface ............................................. 284

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 6 of 350

_______________________________________________________________________________________________________

Table of Contents

30.6 DMVPN diagnostics ................................................................................ 286

31 Configuring Terminal Server ..................................................................... 289

31.1 Overview ............................................................................................. 289

31.2 Configuration packages used .................................................................. 289

31.3 Configuring Terminal Server using the web interface ................................. 289

31.4 Terminal Server using UCI ..................................................................... 299

31.5 Terminal Server using package options .................................................... 300

31.6 Terminal Server diagnostics ................................................................... 300

32 Configuring Terminal package .................................................................. 303

32.1 Configuration packages used .................................................................. 303

32.2 Configuring Terminal using the web interface ........................................... 303

32.3 Configuring Terminal package using UCI .................................................. 303

32.4 Configuring Terminal Server using package options ................................... 304

32.5 Terminal diagnostics .............................................................................. 304

33 Configuring a GRE interface ...................................................................... 305

33.1 Configuration packages used .................................................................. 305

33.2 Creating a GRE connection using the web interface ................................... 305

33.3 GRE configuration using command line .................................................... 310

33.4 GRE configuration using UCI ................................................................... 310

33.5 GRE configuration using package options ................................................. 310

33.6 GRE diagnostics .................................................................................... 311

34 Configuring multicasting using PIM and IGMP interfaces ......................... 313

34.1 Overview ............................................................................................. 313

34.2 Configuration package used ................................................................... 313

34.3 Configuring PIM and IGMP using the web interface .................................... 313

34.4 Configuring PIM and IGMP using UCI ....................................................... 315

35 Event system ............................................................................................ 317

35.1 Configuration package used ................................................................... 317

35.2 Implementation of the event system ....................................................... 317

35.3 Supported events .................................................................................. 317

35.4 Supported targets ................................................................................. 318

35.5 Supported connection testers ................................................................. 318

35.6 Configuring the event system using the web interface ............................... 318

35.7 Configuring the event system using UCI .................................................. 318

35.8 Event system diagnostics ....................................................................... 329

36 Configuring SLA reporting on Monitor ....................................................... 335

36.1 Introduction ......................................................................................... 335

36.2 Configuring SLA reporting ...................................................................... 335

36.3 Configuring router upload protocol .......................................................... 336

36.4 Viewing graphs ..................................................................................... 336

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 7 of 350

_______________________________________________________________________________________________________

Table of Contents

36.5 Generating a report ............................................................................... 339

36.6 Reporting device status to Monitor using UCI ............................................ 342

37 Configuring SLA for a router ..................................................................... 346

37.1 Configuration package used ................................................................... 346

37.2 Configuring SLA for a router using the web interface ................................. 346

37.3 Configuring SLA for a router using the UCI interface .................................. 348

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 8 of 350

_______________________________________________________________________________________________________

GW1032:

Dual Ethernet, 3G, Dual SIM, WiFi

GW1042:

Dual Ethernet, 4G/LTE, Dual SIM, WiFi

GW1032M:

Dual Ethernet, 3G, Dual SIM, Dual WiFi SMA female connectors

GW1042M:

Dual Ethernet, 4G/LTE, Dual SIM, Dual WiFi SMA female connectors

1 Introduction

This user manual describes the features and how to configure Virtual Access GW1000 and GW1000M Series routers.

The Virtual Access GW1000 and GW1000M Series routers enable 3G/LTE connectivity in vehicles such as buses, taxis and fleet vehicles for applications such as passenger WiFi internet access, telemetry and employee WiFi access to corporate network services.

Designed for managed network providers, GW1000 and GW1000M Series routers provide secure WAN connectivity for internet and private networking environments over 3G or 4G broadband paths and incorporate optional 802.11n WiFi connectivity.

1.1 Document scope

This document covers models in the GW1000 Series and the GW1000M Series. For general references, we refer to the GW1000 Series throughout. Feature variations between GW1000 Series and GW1000M Series are described in separate sections.

1: Introduction

1.1.1 GW1000 Series routers

The Virtual Access GW1000 Series router is a compact 3G/4G LTE router with WiFi, designed with a lightweight plastic case with optional carrier for use in vehicles and a wide range of site-based applications.

1.1.2 GW1000M Series routers

The Virtual Access GW1000M Series router is a compact 3G/4G LTE router with WiFi, designed with a rugged metal housing for use in vehicles and a wide range of site-based applications.

1.2 Using this documentation

You can configure your router using either the router’s web interface or via the command

line using UCI commands. Each chapter explains first the web interface settings, followed by how to configure the router using UCI. The web interface screens are shown

along with a path to the screen for example, ‘In the top menu, select Service -> SNMP.’ followed by a screen grab.

After the screen grab there is an information table that describes each of the screen’s

fields.

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 9 of 350

_______________________________________________________________________________________________________

Web Field/UCI/Package Option

Description

Web: Metric UCI: network.@route[0].metric Opt: metric

Specifies the route metric to use.

1.2.1 Information tables

We use information tables to show the different ways to configure the router using the router’s web and command line. The left-hand column shows three options:

 Web: refers the command on the router’s web page,

 UCI: shows the specific UCI command, and

 Opt: shows the package option.

The right-hand column shows a description field that describes the feature’s field or command and shows any options for that feature.

Some features have a drop-down menu and the options are described in a table within the description column. The default value is shown in a grey cell.

Values for enabling and disabling a feature are varied throughout the web interface, for example, 1/0; Yes/No; True/False; check/uncheck a radio button. In the table descriptions, we use 0 to denote Disable and 1 to denote Enable.

Some configuration sections can be defined more than once. An example of this is the

routing table where multiple routes can exist and all are named ‘route’. For these

sections, the UCI command will have a code value [0] or [x] (where x is the section number) to identify the section.

1: Introduction

Note: these sections can be given a label for identification when using UCI or package options.

network.@route[0]=route

network.@route[0].metric=0

can be witten as:

network.routename=route

network.routename.metric=0

However the documentation usually assumes that a section label is not configured.

The table below shows fields from a variety of chapters to illustrate the explanations above.

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 10 of 350

_______________________________________________________________________________________________________

Web Field/UCI/Package Option

Description

Web: Enable UCI: cesop.main.enable Opt: enable

Enables CESoPSN services.

Disabled.

Enabled.

Web: Syslog Severity UCI: cesop.main.severity Opt: log_severity

Selects the severity used for logging events CESoPSN in syslog. The following levels are available.

Emergency

Alert

Critical

Error

Warning

Notice

Informational

Debug

Web: Agent Address UCI: snmpd.agent[0].agentaddress Opt: agentaddress

Specifies the address(es) and port(s) on which the agent should listen.

[(udp|tcp):]port[@address][,…]

1: Introduction

Table 1: Example of an information table

1.2.2 Definitions

Throughout the document, we use the host name ‘VA_router’ to cover all router models.

UCI commands and package option examples are shown in the following format:

root@VA_router:~# vacmd show current config

1.2.3 Diagnostics

Diagnostics are explained at the end of each feature’s chapter.

1.2.4 UCI commands

For detailed information on using UCI commands, read chapters ‘Router File Structure’ and ‘Using Command Line Interface’.

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 11 of 350

_______________________________________________________________________________________________________

GW1032:

Dual Ethernet, 3G, dual SIM, WiFi, plastic casing and carrier.

GW1042:

Dual Ethernet, 4G/LTE, dual SIM, WiFi, plastic casing and carrier.

GW1032M

Dual Ethernet, 3G, dual SIM, dual WiFi, dual WiFi SMA connectors, metal casing, optional carrier.

GW1042M

Dual Ethernet, 4G/LTE, dual SIM, dual WiFi, dual WiFi SMA connectors, metal casing, optional carrier

2 GW1000 Series hardware

2.1 Hardware model varients

2.1.1 GW1000 Series router

Figure 1: GW1000 series router front

2: GW1000 Series hardware

Figure 2: GW1000 series router back

2.1.2 GW1000M Series router

Figure 3: GW1000M series router front

Figure 4: GW1000M series router back

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 12 of 350

_______________________________________________________________________________________________________

2.2 GW1000 Series hardware features

2.2.1 GW1000 Series router

 Dual SIM sockets

 Dual antenna SMA connectors for 3G/4G main and aux

 GPS antenna with 3.3V active power feed

 Two 10/100 Mbps Ethernet ports

 WiFi internal antennas

 Concurrent Access Point and Station mode

2.2.2 GW1000M Series router

 Dual SIM sockets

 Dual antenna SMA connectors for 3G/4G main and aux

2: GW1000 Series hardware

 GPS antenna with 3.3V active power feed

 Two 10/100 Mbps Ethernet ports

 Dual WiFi internal antennas

 Dual WiFi SMA female connectors

 Concurrent Access Point and Station mode

2.3 GSM technology

 LTE

 HSPA+

 EDGE/GPRS

 GPS

2.4 WiFi technology

 802.11 b/g/n

 Single band 2.4GHz

 Up to 20dBm output power

 Internal antenna

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 13 of 350

_______________________________________________________________________________________________________

Unit size:

114W 114D 29Hmm

Unit size with carrier:

120W 120D 32Hmm Unit weight:

209g

Unit size:

114W 114D 38Hmm

Unit size with carrier:

120W 120D 42Hmm Unit weight:

450g

Safety

EN60950-1: 2006

EMC

EN55022:1998 Class B and EN55024:1998 ETSI 301489-17

Environmental

ETSI 300 019-1-3 Sinusoidal Vibration and Shock ETSI 300 019-2-3 Random Vibration.

WiFi 2.4GHz

ETSI EN 300 328 V1.9 (2015-02)

2.5 Power supply

The GW1000 and GW1000M Series router has three power supply options:

 Standard 12V DC 0.5 A

 12V DC 0.5 A with extended temp (-20˚C to -70˚C)

 Power lead with 3 connectors for 12V permanent, 12V switched (ignition sense)

and ground

2.6 GW1000 Series router dimensions

2.7 GW1000M Series router dimensions

2: GW1000 Series hardware

2.8 Compliance

The GW1000 and GW1000M Series router is compliant and tested to the following standards:

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 14 of 350

_______________________________________________________________________________________________________

RF Band

2G Bands

3G Bands

4G LTE Bands

Operating Temp

RFA

850/900/1800/1900

900/2100

-20°C to 70°C

RFB

850/900/1800/1900

850/900/1900/2100

-20°C to 70°C

RFC

850/900/1800/1900

850/900/1900/2100

B1/B2/B3/B5/B7/B8/B20

-20°C to 70°C

RFD - -

B3/B7/B20/B31

-20°C to 60°C

RFE

900/1800

900/2100

B1/B3/B7/B8/B20/B38/B4 0

-20°C to 70°C

RFF

CDMA TX 452.500~457.475 RX 462.000~467.475

-20°C to 60°C RFG

850/900/1800/1900

850/900/2100

B1/B3/B5/B7/B20

40°C to 70°C

RFH - 850/1900

B2/B4/B5/B17

30°C to 70°C

RFJ

450

40°C to 70°C

2.9 Operating temperature range

The operating temperature range depends on the RF Band.

2: GW1000 Series hardware

2.10 Antenna

The GW1000 Series router has two SMA connectors for connection of two antennas for antenna diversity. Antenna diversity helps improve the quality of a wireless link by mitigating problems associated with multipath interference. The GW1000M has two additional SMA female WiFi antenna sockets.

2.10.1 GW1000 Series router

 2 x 4G/LTE SMA female antenna connectors

 MIMO support in LTE versions

 1 x GPS SMA female antenna connector with 3v3 active power feed

2.10.2 GW1000M Series router

 2 x 4G/LTE SMA female antenna connectors

 MIMO support in LTE versions

 1 x GPS SMA female antenna connector with 3v3 active power feed

 2 x SMA female WiFi antenna sockets

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 15 of 350

_______________________________________________________________________________________________________

1 x GW1000 Series router with carrier

1 x GW1000M Series router

1 x plastic carrier

1 x lockable SIM cover

Ethernet cable. RJ45 connector at both ends.

Power supply unit.

Right angle antenna for 3G/4G network.

Virtual Access supplies a wide range of antennas. Please visit our website:

www.virtualaccess.com or contact Virtual Access for more information.

1 x fused automotive cable

1 x non-fused automotive cable

2.11 Components

To enable and configure connections on your router, it must be correctly installed.

The routers contain an internal web server that you use for configurations. Before you can access the internal web server and start the configuration, ensure the components are correctly connected and that your PC has the correct networking setup.

2.11.1 Standard components

2: GW1000 Series hardware

Table 2: GW1000 Series router standard components

2.11.2 Optional components

Table 3: GW1000 Series router optional components

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 16 of 350

_______________________________________________________________________________________________________

2.12 Inserting a SIM card

1. Ensure the unit is powered off.

2. Hold the SIM 1 card with the chip side facing down and the cut corner front left.

3. Gently push the SIM card into SIM slot 1 until it clicks in.

4. If using SIM 2 then hold the SIM with the cut corner front right

5. Gently push the SIM card into SIM slot 2 until it clicks in.

2.13 Connecting the SIM lock

Connect the SIM lock using the Allen key provided.

2.14 Connecting cables

Connect one end of the Ethernet cable into port A and the other end to your PC or switch. For information on connecting cables for a vehicle installation, read chapter 4, ‘Installing a router into a vehicle’.

2: GW1000 Series hardware

2.15 Connecting the antenna

If you are connecting only one antenna, screw the antenna into the MAIN SMA connector.

If you are using two antennas, screw the main antenna into the MAIN SMA connector and the secondary antenna into the AUX SMA connector.

2.16 Powering up

The router takes approximately 2 minutes to boot up. During this time, the PWR/CONFIG LED flashes in a double flash pattern – 2 quick fashes followed by a pause.

Other LEDs display different diagnostic patterns during boot up.

Booting is complete when the PWR/CONFIG LED stops double flashing and stays solid or flashing steady, indicating the particular running configuration is loaded. Read the chapter ‘GW1000 LED behaviour’, for PWR/CONFIG LED states.

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 17 of 350

_______________________________________________________________________________________________________

Press duration

PWR/CONFIG LED behaviour

Router behaviour on depress

0-3 seconds

Normal reset to running config. No special LED activity.

Between 3 and 15 seconds

Flashing slowly

Releasing between 3-15 seconds switches the router back to factory configuration.

Between 15 and 20 seconds

Releasing between 15-20 seconds performs a normal reset to running config.

Between 20 seconds and 30 seconds

Flashing faster

Releasing between 20-30 seconds reboots the router in recovery mode.

Over 30 seconds

Releasing after 30 seconds performs a normal reset.

2.17 Reset button

The reset button is used to request a system reset.

When you press the reset button the PWR/CONFIG LED will display different patterns depending on how long you press the button. The flashing patterns will be different for the 2 flashing phases indicated below. The length of time you hold the reset button will determine the router behaviour.

2: GW1000 Series hardware

2.17.1 Recovery mode

Recovery mode is a fail-safe mode where the router can load a default configuration from the routers firmware. If your router goes into recovery mode, all config files are kept intact. After the next reboot, the router will revert to the previous config file.

You can use recovery mode to manipulate the config files, but should only be used if all other configs files are corrupt. If your router has entered recovery mode, contact your local reseller for access information.

Table 4: GW1000 series router reset behaviour

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 18 of 350

_______________________________________________________________________________________________________

3: GW1000 and GW1000M Series LED behaviour

3 GW1000 and GW1000M Series LED behaviour

3.1 Main LED behaviour

There are five LEDs on the GW1000 and GW1000M Series router

Figure 5: LEDs on the GW1000 Series router

Figure 6: LEDs on the GW1000M Series router

The possible LED states are:

 Off

 Flashing slowing (2 flashes per second)

 Flashing quickly (5 flashes per second)

 Double flash (2 quick flashes then a pause)

 On

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 19 of 350

_______________________________________________________________________________________________________

Booting

The router takes approximately 2 minutes to boot up. During this time, the power LED flashes.

Other LEDs display different diagnostic patterns during boot up. Booting is complete when the power LED stops flashing and stays on

steady.

PWR/CONFIG LED

Off

No power/boot loader does not exist.

Double flash

Unit is booting from power on.

Flashing slowly

Unit is in recovery mode.

Flashing quickly

Unit is in factory configuration.

Unit has completed booting up process and is in either config 1 or config2.

SIM LEDs Off

Not selected or SIM not inserted.

Flashing

SIM selected and data connection is being established.

SIM selected and registered on the network.

Signal LEDs

Both LEDs off

Not connected or signal strength <= -113dBm.

Left LED on Right LED off

Connected and signal strength <= -89dBm.

Left LED off Right LED on

Connected and signal strength between -89dBm and -69dBm. Both LEDs on

Connected and signal strength >-69dBm.

WiFi LEDs Off

WiFi not enabled.

Flashing

Data activity on WiFi interface.

WiFi is enabled.

Ethernet LED (amber)

Physical Ethernet link detected

Flashing

Data is being transmitted/ received over the link.

3: GW1000 and GW1000M Series LED behaviour

The following table describes the possible LED behaviours and meanings on the GW1000 and GW1000M Series router.

Table 5: LED behaviour and descriptions

Note: when a data connection does not exist, none of the signal LEDs will light regardless of signal strength.

3.2 GW1000 and GW1000M Series Ethernet port LED behaviour

The Ethernet port has two physical LEDs, one is green and one is amber. When looking at the port, the amber LED is on the right and is the only active LED.

Figure 7: Ethernet LED

Table 6: Ethernet LED activity description

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 20 of 350

_______________________________________________________________________________________________________

(1)

Connector: Molex Microfit 6circuit standard

(2)

Label 20mm wide

(3)

Each wire is 1.0mm square, with overall PVC sheath

Note:

Requires 5 amp fuse in series with red and blue wires

4: Installing a router into a vehicle

4 Installing a router into a vehicle

The type of cable you need depends on your application and vehicle. You will have received either a fused or non-fused power cable for the installation.

4.1 Installing a router into a vehicle using a non-fused power cable

Install the router using the vehicle installation power cable 840-00076 provided.

Figure 8: 840-00076 3 core power cable

Table 7: Power cable descriptions

 Connect the BLACK wire to a ground wire.

 Connect the BLUE wire to a 12V switched vehicle ignition wire.

 Connect the RED wire to a 12V permanent wire.

Plug the 6 pin connector into the router.

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 21 of 350

_______________________________________________________________________________________________________

(1)

Connector: Molex Microfit 6circuit standard

(2)

Label 20mm wide

(3)

Each wire is 1.0mm square, with overall PVC sheath

(4)

Fuse

Note:

Requires 5 amp fuse in series with red and blue wires

4: Installing a router into a vehicle

4.2 Installing a router into a vehicle using a fused power cable

Install the router using the vehicle installation power cable 840-00105 provided.

Figure 9: 840-00105 3 core power cable

Table 8: Power cable descriptions

 Connect the BLACK wire to a ground wire.

 Connect the BLUE wire to a 12V switched vehicle ignition wire.

 Connect the RED wire to a 12V permanent wire.

Plug the 6 pin connector into the router.

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 22 of 350

_______________________________________________________________________________________________________

5: Factory configuration extraction from SIM card

5 Factory configuration extraction from SIM card

Virtual Access routers have a feature to update the factory configuration from a SIM card. This allows you to change the factory configuration of a router when installing the SIM.

1. Make sure the SIM card you are inserting has the required configuration written on it.

2. Ensure the router is powered off.

3. Hold the SIM 1 card with the chip side facing down and the cut corner front left.

4. Gently push the SIM card into SIM slot 1 until it clicks in.

5. Power up the router. Depending on the model, the power LED and/or the configuration LED flash as usual.

The SIM LED starts flashing. This indicates the application responsible for 3G and configuration extraction management is running. It also means the update of the configuration is happening.

When the update is finished, depending on the model, the power LED and/or the configuration LED blink alternatively and very fast for 20 seconds.

Note: factory configuration extraction is only supported on mobile modules that support phone book operations.

_______________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 23 of 350

_______________________________________________________________________________________________________

Package

Sections

dropbear

system

main

uhttpd

main cert

PC IP address

192.168.100.100

Network mask

255.255.255.0

Default gateway

192.168.100.1

6: Accessing the router

6 Accessing the router

Access the router through the web interface or by using SSH. By default, Telnet is disabled.

6.1 Configuration packages used

6.2 Accessing the router over Ethernet using the web interface

DHCP is disabled by default, so if you do not receive an IP address via DHCP, assign a static IP to the PC that will be connected to the router.

Assuming that the PC is connected to Port A on the router, in your internet browser, type in the default local IP address 192.168.100.1, and press Enter. The Authorization page appears.

Figure 10: The login page

The password may vary depending on the factory configuration the router has been shipped with. The default settings are shown below. The username and password are case sensitive.

In the username field, type root.

In the Password field, type admin.

Click Login. The Status page appears.

_____________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 24 of 350

_______________________________________________________________________________________________________

6.3 Accessing the router over Ethernet using an SSH client

You can also access the router over Ethernet, using Secure Shell (SSH) and optionally over Telnet.

To access CLI over Ethernet start an SSH client and connect to the router’s management

IP address, on port 22: 192.168.100.1/24.

On the first connection, you may be asked to confirm that you trust the host.

6: Accessing the router

Figure 11: Confirming trust of the routers public key over SSH

Figure 12: SSH CLI logon screen

In the SSH CLI logon screen, enter the default username and password.

Username: root

Password: admin

6.3.1 SCP (Secure Copy Protocol)

As part of accessing the router over SSH, you can also use SCP protocol. Use the same user authentication credentials as for SSH access. You can use SCP protocol to securely manually transfer files from and to the router’s SCP server.

No dedicated SPC client is supported; select the SCP client software of your own choice.

_____________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 25 of 350

_______________________________________________________________________________________________________

Package

Sections

system

main

6.4 Accessing the router over Ethernet using a Telnet client

Telnet is disabled by default, when you enable Telnet, SSH is disabled.

To enable Telnet, enter:

root@VA_router: ~# /etc/init.d/dropbear disable

root@VA_router: ~# reboot -f

To re-enable SSH, enter:

root@VA_router: ~# /etc/init.d/dropbear enable

root@VA_router: ~# reboot -f

Note: As SSH is enabled by default, initial connection to the router to enable Telnet must be established over SSH.

6: Accessing the router

6.5 Configuring the password

6.5.1 Configuration packages used

6.6 Configuring the password using the web interface

To change your password, in the top menu click System -> Administration. The Administration page appears.

Figure 13: The router password section

In the Router Password section, type your new password in the password field and then retype the password in the confirmation field.

Scroll down the page and click Save & Apply.

Note: the username ‘root’ cannot be changed.

_____________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 26 of 350

_______________________________________________________________________________________________________

Web Field/UCI/Package Option

Description

Web: Password UCI: system.main.password Opt: password

Defines the root password. The password is displayed encrypted via the CLI using the ‘hashpassword’ option.

UCI: system.main.hashpassword Opt: hashpassword

6.7 Configuring the password using UCI

The root password is displayed encrypted via the CLI using the hashpassword option.

root@VA_router:~# uci show system

system.main=system

system.main.hostname=VA_router

system.main.hashpassword=$1$jRX/x8A/$U5kLCMpi9dcahRhOl7eZV1

If changing the password via the UCI, enter the new password in plain text using the password option.

root@VA_router:~# uci system.main.password=newpassword

6: Accessing the router

root@VA_router:~# uci commit

The new password will take effect after reboot and will now be displayed in encrypted format via the hashpassword option.

6.8 Configuring the password using package options

The root password is displayed encrypted via the CLI using the hashpassword option.

root@VA_router:~# uci export system

package system

config system 'main'

option hostname 'VA_router'

option hashpassword '$1$wRYYiJOz$EeHN.GQcxXhRgNPVbqxVw

If changing the password via the UCI, enter the new password in plain text using the password option.

package system

config system 'main'

option hostname 'VA_router'

option hashpassword '$1$wRYYiJOz$EeHN.GQcxXhRgNPVbqxVw

option password ‘newpassword’

The new password will take effect after reboot and will now be displayed in encrypted format via the hashpassword option.

_____________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 27 of 350

_______________________________________________________________________________________________________

6.9 Accessing the device using RADIUS authentication

You can configure RADIUS authentication to access the router over SSH, web or local console interface.

package system

config system 'main'

option hostname 'VirtualAccess'

option timezone 'UTC'

config pam_auth

option enabled 'yes'

option pamservice 'login'

option pammodule 'auth'

6: Accessing the router

option pamcontrol 'sufficient'

option type 'radius'

option servers '192.168.0.1:3333|test|20 192.168.2.5|secret|10'

config pam_auth

option enabled 'yes'

option pamservice 'sshd'

option pammodule 'auth'

option pamcontrol 'sufficient' it checks package

management_users

option type 'radius'

option servers '192.168.0.1:3333|test|20 192.168.2.5|secret|10'

config 'pam_auth'

option enabled 'yes'

option pamservice 'luci"

option pammodule 'auth'

option pamcontrol 'sufficient'

option type 'radius'

servers '192.168.0.1:3333|test|20 192.168.2.5|secret|10'

_____________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 28 of 350

_______________________________________________________________________________________________________

UCI/Package Option

Description

UCI: system.@pam_auth[0].enabled=yes Opt: enabled

Enables and disables RADIUS configuration sections.

yes

Enables following RADIUS configuration section.

Disables following RADIUS configuration section.

UCI: system.@pam_auth[0].pamservice Opt: pamservice

Selects the method which users should be authenticated by.

User connecting over console cable.

sshd

User connecting over SSH.

luci

User connecting over web.

UCI: system.@pam_auth[0].pamcontrol Opt: pamcontrol

Specifies authentication behaviour after authentication fails or connection to RADIUS server is broken.

Sufficient

First authenticates against remote RADIUS if password authentication fails then it tries local database (user defined in package management_users)

Required

If either authentication fails or RADIUS server is not reachable then user is not allowed to access the router.

[success=done new_authtok_reqd=done authinfo_unavail=ignore default=die]

Local database is only checked if RADIUS server is not reachable.

UCI: system.@pam_auth[0].pammodule.auth

Opt: pammodule

Enables user authentication. UCI: system.@pam_auth[0].type.radius

Opt: type

Specifies the authentication method.

UCI: system.@pam_auth[0].servers Opt: servers

Specifies the RADIUS server or multiple servers along with port number and password. The example below explains the syntax.

192.168.0.1:3333|test|20 192.168.2.5|secret|10

6: Accessing the router

Table 9: Information table for RADIUS authentication

6.10 Accessing the device using TACACS+ authentication

TACACS+ authentication can be configured for accessing the router over SSH, web or local console interface.

package system

config system 'main'

option hostname 'VirtualAccess'

option timezone 'UTC'

config pam_auth

option enabled 'yes'

option pamservice 'sshd'

_____________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 29 of 350

_______________________________________________________________________________________________________

6: Accessing the router

option pammodule 'auth'

option pamcontrol 'sufficient'

option type 'tacplus'

option servers '192.168.0.1:49|secret'

config pam_auth

option enabled 'yes'

option pamservice 'sshd'

option pammodule 'account'

option pamcontrol 'sufficient'

option type 'tacplus'

option servers '192.168.0.1:49|secret'

option args 'service=ppp'

config pam_auth

option enabled 'yes'

option pamservice 'sshd'

option pammodule 'session'

option pamcontrol 'sufficient'

option type 'tacplus'

option servers '192.168.0.1:49|secret'

option args 'service=ppp'

config pam_auth

option enabled 'yes'

option pamservice 'luci'

option pammodule 'auth'

option pamcontrol 'sufficient'

option type 'tacplus'

option servers '192.168.0.1:49|secret'

config pam_auth

option enabled 'yes'

option pamservice 'luci'

option pammodule 'account'

option pamcontrol 'sufficient'

option type 'tacplus'

_____________________________________________________________________________________________________ © Virtual Access 2017 GW1000 Series User Manual Issue: 1.9 Page 30 of 350

+ 320 hidden pages

virtual access GW1032, GW1042, GW1032M, GW1042M, GW2021 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual