Vitriko XR5i v2, ER75i v2, UR5i v2, LR77 v2 Configuration Manual

Download

Industrial

LAN - 2G-3G-4

G Router

VITRIKO

Mobile Data Experts

, Anytime Anything Anywhere , , but always connected.

CONFIGURATION MANUAL

XR5i v2 - ER75i v2 - UR5i v2 - LR77

for v2 routers

www.vitriko.com

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Used symbols

Danger – important notice, which may have an inﬂuence on the user’s safety or the function of the device.

Attention – notice on possible problems, which can arise in speciﬁc cases.

Information, notice – information, which contains useful advice or special interest.

Firmware version

Actual version of ﬁrmware is 4.0.1 (August 25, 2014).

USED SYMBOLS

GPL licence

Source codes under GPL licence are available free of charge by sending an email to:

info@vitriko.com

Router version

Properties and settings of router associated with the GSM connection is not available in industrial router XR5i v2.

PPPoE conﬁguration item is only available on the industrial router XR5i v2, used to set the PPPoE connection over Ethernet.

Manual issued in CZ, November 7, 2014

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Contents

1 Conﬁguration over web browser 1

1.1 Secured access to web conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . 2

1.2 General . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

1.3 Mobile WAN status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

1.4 WiFi . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

1.5 WiFi Scan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

1.6 Network status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

1.7 DHCP status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

1.8 IPsec status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

1.9 DynDNS status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

1.10 System Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

1.11 LAN conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

1.12 VRRP conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

1.13 Mobile WAN conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

1.14 PPPoE Conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

1.15 WiFi conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

1.16 WLAN conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

1.17 Backup Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

1.18 Firewall conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

1.19 NAT conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

1.20 OpenVPN tunnel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

1.21 IPsec tunnel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

1.22 GRE tunnels conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

1.23 L2TP tunnel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

1.24 PPTP tunnel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

1.25 DynDNS client conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

1.26 NTP client conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

1.27 SNMP conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

CONTENTS

1.2.1 Mobile Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

1.2.2 Primary LAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

1.2.3 Peripheral Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

1.2.4 System Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

1.13.1 Connection to mobile network . . . . . . . . . . . . . . . . . . . . . . . . 23

1.13.2 DNS address conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . 24

1.13.3 Check connection to mobile network conﬁguration . . . . . . . . . . . . 24

1.13.4 Data limit conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

1.13.5 Switch between SIM cards conﬁguration . . . . . . . . . . . . . . . . . . 26

1.13.6 Dial-In access conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . 28

1.13.7 PPPoE bridge mode conﬁguration . . . . . . . . . . . . . . . . . . . . . 28

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.28 SMTP conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

1.29 SMS conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

1.30 Expansion port conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80

1.31 USB port conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83

1.32 Startup script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

1.33 Up/Down script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88

1.34 Automatic update conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

1.35 User modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

1.36 Change proﬁle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92

1.37 Change password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

1.38 Set real time clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

1.39 Set SMS service center address . . . . . . . . . . . . . . . . . . . . . . . . . . 93

1.40 Unlock SIM card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

1.41 Send SMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

1.42 Backup conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

1.43 Restore conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

1.44 Update ﬁrmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

1.45 Reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

CONTENTS

1.29.1 Send SMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

2 Conﬁguration setting over Telnet

iii

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

List of Figures

1 Web conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

2 Mobile WAN status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

3 WiFi Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

4 WiFi Scan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

5 Network status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

6 DHCP status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

7 IPsec status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

8 DynDNS status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

9 System Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

10 Example program syslogd start with the parameter -r . . . . . . . . . . . . . . . 15

11 Topo l og y of example LAN conﬁguration 1 . . . . . . . . . . . . . . . . . . . . . 17

12 Example LAN conﬁguration 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

13 Topo l og y of example LAN conﬁguration 2 . . . . . . . . . . . . . . . . . . . . . 19

14 Example LAN conﬁguration 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

15 Topo l og y of example LAN conﬁguration 3 . . . . . . . . . . . . . . . . . . . . . 20

16 Example LAN conﬁguration 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

17 Topo l og y of example VRRP conﬁguration . . . . . . . . . . . . . . . . . . . . . 22

18 Example VRRP conﬁguration — main router . . . . . . . . . . . . . . . . . . . . 22

19 Example VRRP conﬁguration -– backup router . . . . . . . . . . . . . . . . . . 22

20 Mobile WAN conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

21 Example of Mobile WAN conﬁguration 1 . . . . . . . . . . . . . . . . . . . . . . 30

22 Example of Mobile WAN conﬁguration 2 . . . . . . . . . . . . . . . . . . . . . . 30

23 Example of Mobile WAN conﬁguration 3 . . . . . . . . . . . . . . . . . . . . . . 30

24 PPPoE conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

25 WiFi konﬁgurace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

26 WLAN conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

27 Backup Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

28 Firewall conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

29 Topo l og y of example ﬁrewall conﬁguration . . . . . . . . . . . . . . . . . . . . . 42

30 Example ﬁrewall conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

31 Topo l og y of example NA T conﬁguration 1 . . . . . . . . . . . . . . . . . . . . . 44

32 Example NAT conﬁguration 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

33 Topo l og y of example NA T conﬁguration 2 . . . . . . . . . . . . . . . . . . . . . 46

34 Example NAT conﬁguration 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

35 OpenVPN tunnels conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

36 OpenVPN tunnel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

37 Topo l og y of example OpenVPN conﬁguration . . . . . . . . . . . . . . . . . . . 51

38 IPsec tunnels conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

39 IPsec tunnels conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

40 Topo l og y of example IPsec conﬁguration . . . . . . . . . . . . . . . . . . . . . . 57

LIST OF FIGURES

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

41 GRE tunnels conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

42 GRE tunnel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

43 Topo l og y of GRE tunnel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . 59

44 L2TP tunnel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

45 Topo l og y of example L2TP tunnel conﬁguration . . . . . . . . . . . . . . . . . . 61

46 PPTP tunnel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

47 Topo l og y of example PPTP tunnel conﬁguration . . . . . . . . . . . . . . . . . . 63

48 Example of DynDNS conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . 64

49 Example of NTP conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

50 Example of SNMP conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . 69

51 Example of the MIB browser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

52 SMTP conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

53 Example of SMS conﬁguration 1 . . . . . . . . . . . . . . . . . . . . . . . . . . 76

54 Example of SMS conﬁguration 2 . . . . . . . . . . . . . . . . . . . . . . . . . . 77

55 Example of SMS conﬁguration 3 . . . . . . . . . . . . . . . . . . . . . . . . . . 78

56 Example of SMS conﬁguration 4 . . . . . . . . . . . . . . . . . . . . . . . . . . 79

57 Expansion port conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

58 Example of expansion port conﬁguration 1 . . . . . . . . . . . . . . . . . . . . . 82

59 Example of expansion port conﬁguration 2 . . . . . . . . . . . . . . . . . . . . . 82

60 USB conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

61 Example of USB port conﬁguration 1 . . . . . . . . . . . . . . . . . . . . . . . . 85

62 Example of USB port conﬁguration 2 . . . . . . . . . . . . . . . . . . . . . . . . 86

63 Startup script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

64 Example of Startup script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

65 Up/Down script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88

66 Example of Up/Down script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88

67 Example of automatic update 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

68 Example of automatic update 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

69 User modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

70 Added user module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

71 Change proﬁle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92

72 Change password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

73 Set real time clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

74 Set SMS service center address . . . . . . . . . . . . . . . . . . . . . . . . . . 94

75 Unlock SIM card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

76 Send SMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

77 Restore conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

78 Update ﬁrmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

79 Reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

LIST OF FIGURES

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

List of Tables

1 Mobile connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

2 Peripheral Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

3 System Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

4 Mobile Network Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

5 Description of period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

6 Mobile Network Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

7 Traf ﬁc statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

8 State information about access point . . . . . . . . . . . . . . . . . . . . . . . . 7

9 State information about connected clients . . . . . . . . . . . . . . . . . . . . . 7

10 Information about neighbouring WiFi networks . . . . . . . . . . . . . . . . . . 8

11 Description of interface in network status . . . . . . . . . . . . . . . . . . . . . . 10

12 Description of information in network status . . . . . . . . . . . . . . . . . . . . 11

13 DHCP status description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

14 Conﬁguration of network interface . . . . . . . . . . . . . . . . . . . . . . . . . 16

15 Conﬁguration of dynamic DHCP server . . . . . . . . . . . . . . . . . . . . . . 17

16 Conﬁguration of static DHCP server . . . . . . . . . . . . . . . . . . . . . . . . 17

17 VRRP conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

18 Check connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

19 Mobile WAN connection conﬁguration . . . . . . . . . . . . . . . . . . . . . . . 23

20 Check connection to mobile network conﬁguration . . . . . . . . . . . . . . . . 25

21 Data limit conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

22 Default and backup SIM conﬁguration . . . . . . . . . . . . . . . . . . . . . . . 26

23 Switch between SIM card conﬁgurations . . . . . . . . . . . . . . . . . . . . . . 27

24 Switch between SIM card conﬁgurations . . . . . . . . . . . . . . . . . . . . . . 27

25 Dial-In access conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

26 PPPoE conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

27 WiFi conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

28 WLAN conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

29 Conﬁguration of DHCP server . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

30 Backup Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

31 Filtering of incoming packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

32 Forwarding ﬁltering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

33 NAT conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

34 Conﬁguration of send all incoming packets . . . . . . . . . . . . . . . . . . . . . 43

35 Remote access conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

36 Overview OpenVPN tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

37 OpenVPN tunnels conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

38 Example OpenVPN conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . 51

39 Overview IPsec tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

40 IPsec tunnel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

LIST OF TABLES

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

41 Example IPsec conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

42 Overview GRE tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

43 GRE tunnel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

44 Example GRE tunnel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . 59

45 L2TP tunnel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

46 Example L2TP tunel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . 61

47 PPTP tunnel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

48 Example PPTP tunel conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . 63

49 DynDNS conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

50 NTP conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

51 SNMP agent conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

52 SNMPv3 conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

53 SNMP conﬁguration (MBUS extension) . . . . . . . . . . . . . . . . . . . . . . 67

54 SNMP conﬁguration (R-SeeNet) . . . . . . . . . . . . . . . . . . . . . . . . . . 67

55 Object identiﬁer for binary input and output . . . . . . . . . . . . . . . . . . . . 67

56 Object identiﬁer for CNT port . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

57 Object identiﬁer for M-BUS port . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

58 SMTP client conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

59 Send SMS conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

60 Control via SMS conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

61 Control SMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

62 Send SMS on serial PORT1 conﬁguration . . . . . . . . . . . . . . . . . . . . . 74

63 Send SMS on serial PORT2 conﬁguration . . . . . . . . . . . . . . . . . . . . . 74

64 Send SMS on ethernet PORT1 conﬁguration . . . . . . . . . . . . . . . . . . . 74

65 List of AT commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

66 Expansion PORT conﬁguration 1 . . . . . . . . . . . . . . . . . . . . . . . . . . 80

67 Expansion PORT conﬁguration 2 . . . . . . . . . . . . . . . . . . . . . . . . . . 80

68 CD signal description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

69 DTR signal description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

70 USB port conﬁguration 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83

71 USB PORT conﬁguration 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

72 CD signal description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

73 DTR signal description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

74 Automatic update conﬁguration . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

75 User modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92

76 Teln et commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

LIST OF TABLES

vii

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1. Conﬁguration over web browser

Attention! If the SIM card is not inserted in the router, then wireless transmissions will not

work. The inserted SIM card must have activated GPRS. Insert the SIM card when the router is switched-off.

For monitoring, conﬁguring and managing the router use web interface, which can be invoked by entering the IP address of the router into your browser. The default IP address of the router is 192.168.1.1. Conﬁguration may be performed only by the user "root" with initial password "root".

The left part of the web interface contains the menu with pages for monitoring (Status),

Conﬁguration, Customization and Administration of the router.

Name and Location items displays the name and location of the router ﬁlled in the SNMP

conﬁguration (see SNMP Conﬁguration).

For increased safety of the network managed by the router must be changed the default router password. If the router’s default password is set, the Change password item is highlighted in red.

1. CONFIGURATION OVER WEB BROWSER

Figure 1: Web conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

After green LED starts to blink it is possible to restore initial settings of the router by pressing button RST on front panel. If press button RST, conﬁguration is restored to default and it is reboot (green LED will be on).

1.1 Secured access to web conﬁguration

To the web conﬁguration can be accessed via a secure HTTPS protocol. In the event of a default router IP address is a secure router conﬁguration accessed by entering address https://192.168.1.1 in the web browser. The ﬁrst approach is the need to install a security certiﬁcate. If your browser reports a disagreement in the domain, this message can be prevented use the following procedure.

Since the domain name in the certiﬁcate is given the MAC address of the router (such separators are used dashes instead of colons), it is necessary to access the router under this domain name. For access to the router via a domain name, it is adding a DNS record in the DNS table, the operating system.

1. CONFIGURATION OVER WEB BROWSER

• Editing /etc/hosts (Linux/Unix)

• Editing C:\WINDOWS\system32\drivers\etc\hosts (Windows XP)

• Conﬁguring your own DNS server

In addition to conﬁguring the router with MAC address 00:11:22:33:44:55 is accessed to secure conﬁguration by typing address https://00-11-22-33-44-55 in the web browser. The ﬁrst approach is the need to install a security certiﬁcate.

When using self signing certiﬁcate must upload your ﬁles and http_cert http_key directory /etc/certs in the router.

1.2 General

A summary of basic information about the router and its activities can be invoked by selecting the General item. This page is also displayed when you login to the web interface. Information is divided into a several of separate blocks according to the type of router activity or the properties area – Mobile Connection, Primary LAN, Peripherals Ports and System Information. If your router is equipped with WIFI expansion port, there is also WIFI section.

1.2.1 Mobile Connection

Item Description

SIM Card Identiﬁcation of the SIM card (Primary or Secondary )

Interface Deﬁnes the interface

Flags Displays network interface ﬂags

IP Address IP address of the interface

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

MTU Maximum packet size that the equipment is able to transmit

Rx Data Total number of received bytes

Rx Packets Received packets

Rx Errors Erroneous received packets

Rx Dropped Dropped received packets

Rx Overruns Lost received packets because of overload

Tx Data Total number of sent bytes

Tx Packets Sent packets

Tx Errors Erroneous sent packets

Tx Dropped Dropped sent packets

Tx Overruns Lost sent packets because of overload

Uptime Indicates how long the connection to mob. network is established

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

Tab l e 1: Mobile connection

1.2.2 Primary LAN

Items displayed in this part have the same meaning as items in the previous part. Moreover, there is information about the MAC address of the router (MAC Address item).

1.2.3 Peripheral Ports

Item Description

Expansion Port 1 Expansion port ﬁtted to the position 1 (None indicates that this

position is equipped with no port)

Expansion Port 2 Expansion port ﬁtted to the position 2 (None indicates that this

position is equipped with no port)

Binary Input State of binary input

Binary Output State of binary output

Tab l e 2: Peripheral Ports

1.2.4 System Information

Item Description

Firmware Version Information about the ﬁrmware version

Serial Number Serial number of the router (in case of N/A is not available)

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

Proﬁle Current proﬁle – standard or alternative proﬁles (proﬁles are used

Supply Voltage Supply voltage of the router

Temp era t ure Te mpe r at u re in the router

Time Current date and time

Uptime Indicates how long the router is used

1.3 Mobile WAN status

This item is not available for industrial router XR5i v2.

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

for example to switch between different modes of operation)

Tab l e 3: System Information

The Mobile WAN menu item contains current information about connections to the mobile network. The ﬁrst part of this page (Mobile Network Information) displays basic information about mobile network in which the router is operated. There is also information about the module, which is mounted in the router.

Item Description

Registration State of the network registration

Operator Speciﬁes the operator in whose network the router is operated

Tech nol ogy Trans mis s io n technology

PLMN Code of operator

Cell Cell to which the router is connected

LAC Location Area Code – unique number assigned to each location area

Channel Channel on which the router communicates

Signal Strength Signal strength of the selected cell

Signal Quality Signal quality of the selected cell:

• EC/IO for UMTS and CDMA (it’s the ratio of the signal received

from the pilot channel – EC – to the overall level of the spectral density, ie the sum of the signals of other cells – IO)

• RSRQ for LTE technology (Deﬁned as the ratio )

N×RSRP

RSSI

• For EDGE technology (router ER75i v2) value is not available

Neighbours Signal strength of neighboring hearing cells

Manufacturer Module manufacturer

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

Model Ty pe of module

Revision Revision of module

IMEI IMEI (International Mobile Equipment Identity) number of module

ESN ESN (Electronic Serial Number) number of module (for CDMA routers)

MEID MEID number of module

Highlighted in red adjacent cells have a close signal quality, which means that there is imminence of frequent switching between the current and the highlighted cell.

The next section of this window displays information about the quality of the connection in each period.

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

Tab l e 4: Mobile Network Information

Period Description

Today Tod ay from 0:00 to 23:59

Yester day Yester day from 0:00 to 23:59

This week This week from Monday 0:00 to Sunday 23:59

Last week Last week from Monday 0:00 to Sunday 23:59

This period This accounting period

Last period Last accounting period

Tab l e 5: Description of period

Item Description

Signal Min Minimal signal strength

Signal Avg Average signal strength

Signal Max Maximal signal strength

Cells Number of switch between cells

Availability Availability of the router via the mobile network (expressed as a percent-

age)

Tab l e 6: Mobile Network Statistics

Tips for Mobile Network Statistics table:

• Availability of connection to mobile network is information expressed as a percentage

that is calculated by the ratio of time when connection to mobile network is established to the time when the router is turned on.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

• After you place your cursor on the maximum or minimum signal strength, the last time

In the middle part of this page is displayed information about transferred data and number of connections for both SIM card (for each period).

Item Description

RX data Total volume of received data

TX data Tot a l volume of sent data

Connections Number of connection to mobile network establishment

The last part (Mobile Network Connection Log) informs about the mobile network connection and problems in establishment.

1. CONFIGURATION OVER WEB BROWSER

when the router reached this signal strength is displayed.

Tab l e 7: Traf ﬁc statistics

Figure 2: Mobile WAN status

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.4 WiFi

This item is available only if the router is equipped with a WiFi module.

After selecting the WiFi item in the main menu of the web interface, information about WiFi access point (AP) and associated stations is displayed.

Item Description

hostapd state dump Time to which statistical data relates

num_sta Number of connected stations

num_sta_non_erp Number of connected stations using 802.11b in 802.11g

num_sta_no_short_slot_time Number of stations not supporting the Short Slot Time

num_sta_no_short_preamble Number of stations not supporting the Short Preamble

1. CONFIGURATION OVER WEB BROWSER

BSS connection

Tab l e 8: State information about access point

For each connected client are displayed more detailed information. Most of them has an internal character, so let us mention only the following:

Item

ST A MAC address of connected device (station)

AID Identiﬁer of connected device (1 – 2007). If 0 is displayed, the station is

Description

not currently connected.

Tab l e 9: State information about connected clients

Figure 3: WiFi Status

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.5 WiFi Scan

This item is available only if the router is equipped with a WiFi module.

After selecting the WiFi Scan item in the menu of the web interface, scanning of neighbouring WiFi networks and subsequent printing of results are invoked. Scanning can be per-

formed only if the access point (WiFi AP) is off.

item Description

BSS MAC address of access point (AP)

TSF A Timing Synchronization Function (TSF) keeps the timers for

freq Frequency band of WiFi network [kHz]

beacon interval Period of time synchronization

capability List of access point (AP) properties

signal Signal level of access point (AP)

last seen Last response time of access point (AP)

SSID Identiﬁer of access point (AP)

Supported rates Supported rates of access point (AP)

DS Parameter set The channel on which access point (AP) broadcasts

ERP Extended Rate PHY – information element providing backward

Extended supported rates

RSN Robust Secure Network – The protocol for establishing a se-

1. CONFIGURATION OVER WEB BROWSER

all stations in the same Basic Service Set (BSS) synchronized. All stations shall maintain a local TSF timer.

compatibility

Supported rates of access point (AP) that are beyond the scope of eight rates mentioned in Supported rates item

cure communication through wireless network 802.11

Tab l e 10: Information about neighbouring WiFi networks

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1. CONFIGURATION OVER WEB BROWSER

Figure 4: WiFi Scan

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.6 Network status

To view system information about the router operation, select the Network item in the main menu. The upper part of the window displays detailed information about active interfaces:

Interface Description

eth0, eth1 Network interfaces (ethernet connection)

ppp0 Interface (active connection to GPRS/EDGE)

tun0 OpenVPN tunnel interface

ipsec0 IPSec tunnel interface

gre1 GRE tunnel interface

usb0 USB interface

1. CONFIGURATION OVER WEB BROWSER

Tab l e 11: Description of interface in network status

By each of the interfaces is then shown the following information:

Item

HWaddr Hardware (unique) address of networks interface

inet IP address of interface

P-t-P IP address second ends connection

Bcast Broadcast address

Mask Mask of network

MTU Maximum packet size that the equipment is able to transmit

Metric Number of routers, over which packet must go trought

Description

• packets – received packets

• errors – number of errors

• dropped – dropped pac kets

• overruns – incoming packets lost because of overload

• frame – wrong incoming packets because of incorrect packet size

• packets – transmit packets

• errors – number of errors

• dropped – dropped pac kets

• overruns – outgoing packets lost because of overload

• carrier – wrong outgoing packets with errors resulting from the

physical layer

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

collisions Number of collisions on physical layer

txqueuelen Length of front network device

RX bytes Total number of received bytes

TX bytes Total number of transmitted bytes

It is possible to read status of connection to mobile network from the network information. If the connection to mobile network is active, then it is in the system information shown as a ppp0 interface.

For industrial router XR5i v2, interface ppp0 indicates PPPoE connection.

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

Tab l e 12: Description of information in network status

Figure 5: Network status

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.7 DHCP status

Information on the activities of the DHCP server can be accessed by selecting the DHCP status item.

DHCP status informs about activities DHCP server. The DHCP server provides automatic conﬁguration of devices connected to the network managed router. DHCP server assigns to each device’s IP address, netmask, default gateway (IP address of router) and DNS server (IP address of router).

For each conﬁguration, the DHCP status window displays the following information.

Item Description

lease Assigned IP address

starts Time of assignation of IP address

ends Time of termination IP address validity

hardware ethernet Hardware MAC (unique) address

uid Unique ID

client-hostname Computer name

1. CONFIGURATION OVER WEB BROWSER

Tab l e 13: DHCP status description

In the extreme case, the DHCP status can display two records for one IP address. That could have been caused by resetting of network cards.

Figure 6: DHCP status

Note: Starting with ﬁrmware 4.0.0, records in the DHCP status window are divided into two separate parts – Active DHCP Leases (Primary LAN) and Active DHCP Leases (WLAN).

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.8 IPsec status

Information on actual IPsec tunnel state can be called up in option IPsec in the menu.

After correct build the IPsec tunnel, status display IPsec SA established (highlighted in red) in IPsec status information. Other information is only internal character.

1. CONFIGURATION OVER WEB BROWSER

Figure 7: IPsec status

1.9 DynDNS status

The result of updating DynDNS record on the server www.dyndns.org can be invoked by pressing the DynDNS item in the menu.

Figure 8: DynDNS status

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

In detecting the status of updates DynDNS record are possible following message:

• DynDNS client is disabled.

• Invalid username or password.

• Speciﬁed hostname doesn’t exist.

• Invalid hostname format.

• Hostname exists, but not under speciﬁed username.

• No update performed yet.

• DynDNS record is already up to date.

• DynDNS record successfully update.

• DNS error encountered.

• DynDNS server failure.

1. CONFIGURATION OVER WEB BROWSER

For correct function DynDNS, SIM card of router must have assigned public IP address.

1.10 System Log

In case of any problems with connection to GPRS it is possible to view the system log by pressing the System Log menu item. In the window, are displayed detailed reports from individual applications running in the router. Use the Save Log button to save the system log to a connected computer. The second button – Save Report – is used for creating detailed report (generates all support needed information in one ﬁle).

The Syslog default size is 1000 lines. After reaching 1000 lines create a new ﬁle for storing system log. After completion of the 1000 lines in the second ﬁle, the ﬁrst ﬁle is deleted and creates a new one.

Program syslogd can be started with two options that modiﬁes its behavior. Option "-s" followed by decimal number set maximal number of lines in one log ﬁle. Option "-r" followed by hostname or IP address enable logging to remote syslog daemon. In the Linux must be enabled remote logging on the target computer. Ty pi ca ll y running syslogd with the parameter “-r”. On Windows must be installed the syslog server (for example Syslog Watcher). For starting syslogd with these options you could modify script "/etc/init.d/syslog" or add lines "killall syslogd" and "syslogd <options> &" into Startup Script.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1. CONFIGURATION OVER WEB BROWSER

Figure 9: System Log

Example of logging into the remote daemon at 192.168.2.115:

Figure 10: Example program syslogd start with the parameter -r

1.11 LAN conﬁguration

To enter the network conﬁguration, select the LAN menu item. ETH network set in Primary LAN conﬁguration, expansion PORT ETH set in Secondary LAN conﬁguration.

Item Description

DHCP Client

• disabled – The router does not allow automatic allocation IP ad

dress from a DHCP server in LAN network.

• enabled – The router allows automatic allocation IP address

from a DHCP server in LAN network.

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

IP address Fixed set IP address of network interface ETH.

Subnet Mask IP address of Subnet Mask.

Bridged

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

• no – router is not used as a bridge (default)

• yes – router is used as a bridge

Media type

Default Gateway IP address of router default gateway. When entering IP address of

DNS server

Default Gateway and DNS Server items are used only if the DHCP Client item is set to a value disabled and if the Primary or Secondary LAN is selected by Backup routes system as a default route (selection algorithm is described in section 1.17 Backup Routes).

There can be only one active bridge on the router at the moment. Only parameters DHCP Client, IP address and Subnet Mask can be used to conﬁgure bridge. Primary LAN has got higher priority in this respect when both interfaces (eth0, eth1) are added to the bridge. Other interfaces (wlan0 – wiﬁ) can be added (or deleted) to (from) existing bridge at any moment. Moreover, the bridge can be created on demand of such interfaces but not conﬁgured by their respective parameters.

DHCP server assigns IP address, gateway IP address (IP address of the router) and IP address of the DNS server (IP address of the router) to the connected clients. If these values are ﬁlled-in by the user in the conﬁguration form, they are preferred.

DHCP server supports static and dynamic assignment of IP addresses. Dynamic DHCP server assigns clients IP addresses from a deﬁned address space. Static DHCP assigns IP addresses that correspond to the MAC addresses of connected clients.

• Auto-negation – The router selects the speed of communication

of network options.

• 100 Mbps Full Duplex – The router communicates at 100Mbps,

in the full duplex mode.

• 100 Mbps Half Duplex – The router communicates at 100Mbps,

in the half duplex mode.

• 10 Mbps Full Duplex – The router communicates at 10Mbps,

in the full duplex mode.

• 10 Mbps Half Duplex – The router communicates at 10Mbps,

in the half duplex mode.

default gateway, all packets for which the record was not found in the routing table, sent to this address.

IP address of DNS server of router. Address where they are forwarded to all DNS questions on the router.

Tab l e 14: Conﬁguration of network interface

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

Enable dynamic DHCP leases

IP Pool Start Start IP addresses space to be allocated to the DHCP clients.

IP Pool End End IP addresses space to be allocated to the DHCP clients.

Lease time Time in seconds, after which the client can use IP address.

Item Description

Enable static DHCP leases

MAC Address MAC address of a DHCP client.

IP Address Assigned IP address.

1. CONFIGURATION OVER WEB BROWSER

If this option is checked, dynamic DHCP ser ver is enable.

Tab l e 15: Conﬁguration of dynamic DHCP server

If this option is checked, static DHCP server is enable.

Tab l e 16: Conﬁguration of static DHCP server

It is important not to overlap ranges of static allocated IP address with address allocated by the dynamic DHCP. Then risk collision of IP addresses and incorrect function of network.

Example of the network interface with dynamic DHCP server:

• The range of dynamic allocated addresses from 192.168.1.2 to 192.168.1.4.

• The address is allocated 600 second (10 minutes).

Figure 11: To pol o gy of example LAN conﬁguration 1

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1. CONFIGURATION OVER WEB BROWSER

Figure 12: Example LAN conﬁguration 1

Example of the network interface with dynamic and static DHCP server:

• The range of allocated addresses from 192.168.1.2 to 192.168.1.4.

• The address is allocated 10 minutes.

• Client’s with MAC address 01:23:45:67:89:ab has IP address 192.168.1.10.

• Client’s with MAC address 01:54:68:18:ba:7e has IP address 192.168.1.11.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1. CONFIGURATION OVER WEB BROWSER

Figure 13: To pol o gy of example LAN conﬁguration 2

Figure 14: Example LAN conﬁguration 2

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Example of the network interface with default gateway and DNS server:

• Default gateway IP address is 192.168.1.20

• DNS server IP address is 192.168.1.20

1. CONFIGURATION OVER WEB BROWSER

Figure 15: To pol o gy of example LAN conﬁguration 3

Figure 16: Example LAN conﬁguration 3

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.12 VRRP conﬁgur ation

To enter the VRRP conﬁguration select the VRRP menu item. VRRP protocol (Virtual Router Redundancy Protocol) is a technique, by which it is possible to forward routing from main router to backup router in the case of the main router failure. If the Enable VRRP is checked, then it is possible to set the following parameters.

Item Description

Virtual Server IP Address This parameter sets virtual server IP address. This address

Virtual Server ID Parameter Virtual Server ID distinguishes one virtual router

Host Priority The router , with higher priority set by the parameter Host

1. CONFIGURATION OVER WEB BROWSER

should be the same for both routers. A connected device sends its data via this virtual address.

on the network from others. Main and backup routers must use the same value for this parameter.

Priority, is the main router. According to RFC 2338 the main router has the highest possible priority - 255. The backup router has priority in range 1 – 254 (init value is 100). The priority value equals 0 is not allowed.

Tab l e 17: VRRP conﬁguration

It is possible to set Check connection ﬂag in the second part of the window. The currently active router (main/backup) will send testing messages to deﬁned Ping IP Address at periodic time intervals (Ping Interval) with setting time of waiting for answer (Ping Timeout ). The function check connection is used as a supplement of VRRP standard with the same ﬁnal result. If there are no answers from remote devices (Ping IP Address) for a deﬁned number of probes (Ping Probes), then connection is switched to the other line.

Item

Ping IP Address Destinations IP address ping queries. Address can not specify as

Ping Interval Time intervals between the outgoing pings.

Ping Timeout Time to wait to answer.

Ping Probes Number of failed ping requests, after which the route is considered

Ping IP address is possible to use for example a DNS server of mobile operator as a test message (ping) IP address.

There’s an additional way for evaluating the state of the active line. It is activated by selecting Enable trafﬁc monitoring parameter. If this parameter is set and any packet different from ping is sent to the monitored line, then any answer to this packet is expected for Ping Timeout.

Description

domain name.

to be impassable.

Tab l e 18: Check connection

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

If Ping Timeout expires with no answer received then process of testing the active line continues the same way like in the case of standard testing process after ﬁrst test message answer drops out.

Example of the VRRP protocol:

1. CONFIGURATION OVER WEB BROWSER

Figure 17: To pol o gy of example VRRP conﬁguration

Figure 18: Example VRRP conﬁguration — main router

Figure 19: Example VRRP conﬁguration -– backup router

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.13 Mobile WAN conﬁguration

This item is not available for industrial router XR5i v2.

The form for conﬁguration of a connection to the mobile network can be invoked by selecting the Mobile WAN item in the main menu of the router web interface.

1.13.1 Connection to mobile network

If the Create connection to mobile network item is selected, the router automatically tries to establish connection after switching-on.

Item Description

APN Network identiﬁer (Access Point Name)

Username User name to log into the GSM network

Password Password to log into the GSM network

Authentication Authentication protocol in GSM network:

1. CONFIGURATION OVER WEB BROWSER

• PAP or CHAP – authentication method is chosen by router

• PAP – it is used PAP authentication method

• CHAP – it is used CHAP authentication method

IP Address IP address of SIM card. The user sets the IP address, only in the case

IP address was assigned of the operator.

Phone Number Te lep hon e number to dial GPRS or CSD connection. Router as a de-

fault telephone number used *99***1 #.

Operator This item can be deﬁned PLNM preferred carrier code

Network type

PIN PIN parameter should be set only if it requires a SIM card router. SIM

MRU Maximum Receiving Unit – It’s an identiﬁer of maximum size of packet,

MTU Maximum Tra n smi ssi on Unit – It’s an identiﬁer of max. size of packet,

• Automatic selection – router automatically selects transmission

method according to the availability of transmission technology

• Furthermore, according to the type of router – it’s also possible to

select a speciﬁc method of data transmission (GPRS, UMTS, . . . )

card is blocked in case of several bad attempts to enter the PIN.

which is possible to receive in a given environment. Default value is 1500 B. Other settings may cause incorrect transmission of data.

which is possible to transfer in a given environment. Default value is 1500 B. Other settings may cause incorrect transmission of data.

Tab l e 19: Mobile WAN connection conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Tips for working with the Mobile WAN conﬁguration form:

• If the size is set incorrectly, data transfer may not be succeeded. By setting a lower MTU

• If the IP address ﬁeld is not ﬁlled in, the operator automatically assigns the IP address

• If the APN ﬁeld is not ﬁlled in, the router automatically selects the APN by the IMSI code

• If the word blank is ﬁlled in the APN ﬁeld, router interprets APN as blank.

1. CONFIGURATION OVER WEB BROWSER

it occurs to more frequent fragmentation of data, which means higher overhead and also the possibility of damage of packet during defragmentation. On the contrary, the higher value of MTU can cause that the network does not transfer the packet.

when it is establishing the connection. If ﬁlled IP address supplied by the operator, router accelerate access to the network.

of the SIM card. If the PLMN (operator number format) is not in the list of APN, then default APN is "internet". The mobile operator deﬁnes APN.

ATTENT I ON:

• If only one SIM card is plugged in the router (router has one slot for a SIM card),

router switches between the APN. Router with two SIM cards switches between SIM cards.

• Correct PIN must be ﬁlled. For SIM cards with two APN’s there will be the same

PIN for both APN‘s. Otherwise the SIM card can be blocked by false SIM PIN.

Items marked with an asterisk must be ﬁlled in only if this information is required by the operator (carrier).

In case of unsuccessful establishing a connection to mobile network is recommended to check the accuracy of entered data. Alternatively, try a different authentication method or network type.

1.13.2 DNS address conﬁguration

The DNS Settings item is designed for easier conﬁguration on the client side. When this item is set to the value get from opertor router makes an attempt to automatically get an IP address of the primary and secondary DNS server from the operator. By way of contrast, set

manually option allows you to set IP addresses of Primary DNS servers manually (using the DNS Server item).

1.13.3 Check connection to mobile network conﬁguration

If the Check Connection item is set to enabled or enabled + bind, checking the connection to mobile network is activated. Router will automatically send ping requests to the speciﬁed domain or IP address (Ping IP Address item) in regular time interval (Ping Interval). In case of unsuccessful ping, a new one will be sent after ten seconds. If it fails to ping the IP address of three times in a row, the router terminates the current connection and tries to establish new

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

ones. Checking can be set separately for two SIM cards or two APNs. As a ping address can be used an IP address for which it is certain that it is still functional and is possible to send ICMP ping (e.g. DNS server of operator).

In the case of the enabled option ping requests are sent on the basis of routing table. Thus, the requests may be sent through any available interface. If you require each ping request to be sent through the network interface, which was created on the occasion of establishing a connection to the mobile operator, it is necessary to set the Check Connection item to enabled + bind. The disabled variant deactivates checking the connection to mobile network.

Item Description

Ping IP Address Destinations IP address or domain name of ping queries.

Ping Interval Time intervals between the outgoing pings.

If the Enable Tr a fﬁ c Monitoring option is selected, then the router stops sending ping questions to the Ping IP Address and it will watch trafﬁc in connection to mobile network. If this connection is without trafﬁc longer than the Ping Interval, then the router sends ping questions to the Ping IP Address.

Attention! The feature of check connection to mobile network is necessary for uninterrupted operation.

1. CONFIGURATION OVER WEB BROWSER

Tab l e 20: Check connection to mobile network conﬁguration

1.13.4 Data limit conﬁguration

Item

Data limit With this parameter you can set the maximum expected amount

Warning Threshold Parameter Warning Threshold determine per cent of Data Limit

Accounting Start Parameter sets the day of the month in which the billing cycle

If parameters Switch to backup SIM card when data limit is exceeded and switch to default

SIM card when data limit isn’t exceeded (see next subsection) or Send SMS when datalimit is exceeded (see SMS conﬁguration) are not selected the data limit will not count.

Description

of data transmitted (sent and received) over GPRS in one billing period (month).

in the range of 50% to 99%, which if is exceeded, then the router sends SMS in the form Router has exceeded (value of Warning Threshold) of data limit.

starts SIM card used. Start of the billing period deﬁnes the operator, which gives the SIM card. The router begin to count the transferred data since that day.

Tab l e 21: Data limit conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.13.5 Switch between SIM cards conﬁguration

At the bottom of conﬁguration it is possible to set rules for switching between two APN’s on the SIM card, in the event that one SIM card is inserted or between two SIM cards, in the event that two SIM cards are inserted.

Item Description

Default SIM card This parameter sets default APN or SIM card, from which it will try

Backup SIM card Deﬁnes backup APN or SIM card, that the router will switch

1. CONFIGURATION OVER WEB BROWSER

to establish the connection to mobile network. If this parameter is set to none, the router launches in ofﬂine mode and it is necessary to establish connection to mobile network via SMS message.

the deﬁning one of the following rules.

Tab l e 22: Default and backup SIM conﬁguration

If parameter Backup SIM card is set to none, then parameters Switch to other SIM card

when connection fails, Switch to backup SIM card when roaming is detected and switch to default SIM card when home network is detected and Switch to backup SIM card when data limit is exceeded and switch to default SIM card when data limit isn’t exceeded switch the

router to off-line mode.

Item Description

Switch to other SIM card when connection fails

Switch to backup SIM card when roaming is detected and switch to default SIM card when home network is detected

Switch to backup SIM card when data limit is exceeded and switch to default SIM card when data limit isn’t exceeded

If connection to mobile network fails, then this parameter ensures switch to secondary SIM card or secondary APN of the SIM card. Failure of the connection to mobile network can occur in two ways. When I start the router, when three fails to establish a connection to mobile network. Or if it is checked Check the connection to mobile network, and is indicated by the loss of a connection to mobile network.

In case that the roaming is detected this parameter enables switching to secondary SIM card or secondary APN of the SIM. If home network is detected, this parameter enables switching back to default SIM card.

For proper operation, it is necessary to have enabled roaming on your SIM card!

This parameter enables switching to secondary SIM card or secondary APN of the SIM card, when the data limit of default APN is exceeded. This parameter also enables switching back to default SIM card, when data limit is not exceeded.

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

Switch to backup SIM card when binary input is active switch to default SIM card when binary input isn’t active

Switch to default SIM card after timeout

The following parameters deﬁne the time after which the router attempts to go back to the default SIM card or APN.

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

This parameter enables switching to secondary SIM card or secondary APN of the SIM card, when binary input ‘bin0’ is active. If binary input isn’t active, this parameter enables switching back to default SIM card.

This parameter deﬁnes the method, how the router will try to switch back to default SIM card or default APN.

Tab l e 23: Switch between SIM card conﬁgurations

Item Description

Initial timeout The ﬁrst attempt to switch back to the primary SIM card or APN

shall be made for the time deﬁned in the parameter Initial Timeout, range of this parameter is from 1 to 10000 minutes.

Subsequent Timeout In an unsuccessful attempt to switch to default SIM card, the

router on the second attempt to try for the time deﬁned in the parameter Subsequent Timeout, range is from 1 to 10000 min.

Additive constants

Example: If parameter Switch to default SIM card after timeout is checked and parameters are set as follows: Initial Timeout – 60 min, Subsequent Timeout 30 min and Additive Timeout – 20 min, the ﬁrst attempt to switch the primary SIM card or APN shall be carried out after 60 minutes. Switched to a failed second attempt made after 30 minutes. Third after 50 minutes (30+20). Fourth after 70 minutes (30+20+20).

Any further attempt to switch back to the primary SIM card or APN shall be made in time computed as the sum of the previous time trial and time deﬁned in the parameter Additive constants range is 1-10000 minutes.

Tab l e 24: Switch between SIM card conﬁgurations

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.13.6 Dial-In access conﬁguration

Dial-In access conﬁguration is supported only for these routers: ER75i, UR5, ER75i v2 and UR5 v2.

In the bottom part of the window it is possible to deﬁne access over CSD connection by

Enable Dial-In Access function. Access can be secured by used the Username and Password. In the event that this function is enabled and the router does not have a connection to

mobile network is granted access to the router via dial-up connections CSD. The router waits 2 minutes to accept connections. If the router during this time nobody logs on, the router will try again to establish a GPRS connection.

Item Description

Username User name for secured Dial-In access.

Password Password for secured Dial-In access.

1. CONFIGURATION OVER WEB BROWSER

Tab l e 25: Dial-In access conﬁguration

1.13.7 PPPoE bridge mode conﬁguration

If the Enable PPPoE bridge mode option selected, it activate the PPPoE bridge protocol PPPoE (point-to-point over ethernet) is a network protocol for encapsulating Point-to-Point Protocol (PPP) frames inside Ethernet frames. Allows you to create a PPPoE connection from the device behind router. For example from PC which is connected to ETH port router. There will be allot Ip address of SIM card to PC.

The changes in settings will apply after pressing the Apply button.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1. CONFIGURATION OVER WEB BROWSER

Figure 20: Mobile WAN conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

The ﬁgure below describes the situation, when the connection to mobile network is controlled on the address 8.8.8.8 in the time interval of 60 s for primary SIM card and on the address www.google.com in the time interval 80 s for secondary SIM card. In the case of trafﬁc on the router the control pings are not sent, but the trafﬁc is monitored.

he following conﬁguration illustrates the situation in which the router switches to a backup SIM card after exceeding the data limits of 800 MB. Warning SMS is sent upon reaching 400 MB. The start of accounting period is set to the 18th day of the month.

1. CONFIGURATION OVER WEB BROWSER

Figure 21: Example of Mobile WAN conﬁguration 1

Figure 22: Example of Mobile WAN conﬁguration 2

Primary SIM card is switched to the ofﬂine mode after the router detects roaming. The ﬁrst attempt to switch back to the default SIM card is executed after 60 minutes, the second after 40 minutes, the third after 50 minutes (40+10) etc.

Figure 23: Example of Mobile WAN conﬁguration 3

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.14 PPPoE Conﬁguration

To enter the PPPoE conﬁguration select the PPPoE menu item. If the Create PPPoE con- nection option is selected, the router tries to establish PPPoE connection after switching-on.

PPPoE (Point-to-Point over Ethernet) is a network protocol, which PPP frames encapsulating to the Ethernet frames. PPPoE client to connect devices that support PPPoE bridge or a server (typically ADSL router). After connecting the router obtains the IP address of the device to which it is connected. All communications from the device behind the PPPoE server is forwarded to industrial router .

Item Description

Username Username for secure access to PPPoE

Password Password for secure access to PPPoE

Authentication Authentication protocol in GSM network

1. CONFIGURATION OVER WEB BROWSER

• PAP or CHAP – authentication method is chosen by router

• PAP – it is used PAP authentication method

• CHAP – it is used CHAP authentication method

MRU Maximum Receiving Unit – It is the identiﬁer of the maximum size

of packet, which is possible to recese in given environment. Default value is set to 1492 bytes. Other settings may cause incorrect data transmission.

MTU Maximum Tran s mi s sio n Unit – It is the identiﬁer of the maximum

size of packet, which is possible to transfer in given environment. Default value is set to 1492 bytes. Other settings may cause incorrect data transmission.

Tab l e 26: PPPoE conﬁguration

Figure 24: PPPoE conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.15 WiFi conﬁguration

This item is available only if the router is equipped with a WiFi module.

The form for conﬁguration of WiFi network can be invoked by pressing the WiFi item in the main menu of the router web interface. Enable WiFi check box at the top of this form is used to activate WiFi. It is also possible to set the following properties:

Item Description

Operating mode WiFi operating mode:

1. CONFIGURATION OVER WEB BROWSER

• access point (AP) – router becomes an access point to which

other devices in station (STA) mode can be connected

• station (STA) – router becomes a client station, it means that

receives data packets from the available access point (AP) and sends data from cable connection via wiﬁ network

SSID Unique identiﬁer of WiFi network

Broadcast SSID Method of broadcasting the unique identiﬁer of SSID network in bea-

con frame and type of response to a request for sending the beacon frame.

• Enabled – SSID is broadcasted in beacon frame

• Zero length – Beacon frame does not include SSID. Requests

for sending beacon frame are ignored.

• Clear – Each SSID character in beacon frame is replaced by 0.

However, original length is kept. Requests for sending beacon frame are ignored.

Probe Hidden SSID

Country Code Code of the country, where the router is used with WiFi. This code

Probes hidden SSID (only for station (STA) mode)

must be entered in format ISO 3166-1 alpha-2. If country code isn’t speciﬁed and the router has implemented no system to determine this code, it is used "US" as default country code.

If no country code is speciﬁed or is entered the wrong country code, then it may come a pass a breach of regulatory rules for the using of frequency bands in the particular country.

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

HW Mode HW mode of WiFi standard that will be supported by WiFi access

Channel Channel where the WiFi AP is transmitting

BW 40 MHz Option for HW mode 802.11n that allows using of two standard

WMM Enables basic QoS for WiFi networks. This version doesn’t guaran-

Authentication Provides access control of authorized users in WiFi network:

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

point (AP).

• IEE 802.11b

• IEE 802.11b+g

• IEE 802.11b+g+n

20 MHz channels simultaneously.

tee network throughput. It is suitable for simple applications requiring QoS.

• Open – authentication is not required (free access point)

• Shared – base authentication using WEP key

• WPA-PSK – authentication using better authentication method

PSK-PSK

• WPA2-PSK – authentication using AES encryption

Encryption Typ e of data encryption in WiFi network:

• None – No data encryption

• WEP – Encryption using static WEP keys. This encryption can

be used for Shared authentication.

• TKIP – Dynamic management of encryption keys which can be

used for WPA-PSK and WPA2-PSK authentication.

• AES – Improved encryption used for WPA2-PSK authentication

WEP Key Typ e Ty pe of WEP key for WEP encryption:

• ASCII – WEP key is entered in ASCII format

• HEX – WEP key is entered in hexadecimal format

WEP Default Key Speciﬁes default WEP key

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

WEP Key 1-4 Items for different four WEP keys

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

• WEP key in ASCII format must be entered in quotes and must

have the following lengths:

– 5 ASCII characters (40b WEP key) – 13 ASCII characters (104b WEP key) – 16 ASCII characters (128b WEP key)

• WEP key in hexadecimal format must be entered using only

hexadecimal digits and must the following lengths:

– 10 hexadecimal digits (40b WEP key) – 26 hexadecimal digits (104b WEP key) – 32 hexadecimal digits (128b WEP key)

WPA PSK Ty pe The type of encryption when WPA-PSK authenticating:

• 256-bit secret

• ASCII passphrase

• PSK File

WPA PSK Key for WPA-PSK authentication. This key must be entered accord-

ing to the selected WPA-PSK type as follows:

• 256-bit secret – 64 hexadecimal digits

• ASCII passphrase – from 8 to 63 characterswhich are subse

quently converted into PSK

• PSK File – absolute path to the ﬁle containing the list of pairs

(PSK key , MAC address)

Access List Determines a manner of Access/Deny list application:

• Disabled – Access/Deny list is not used

• Accept – Only items mentioned in the Access/Deny list have

access to the network

• Deny – Items mentioned in the Access/Deny list do not have

access to the network

Accept/Deny List Accept or Denny list of client MAC addresses that set network ac-

cess. Each MAC address is separated by new line.

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

Syslog Level Communicativeness level when system writes to the system log

Extra options Allows user to deﬁne additional parameters

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

• Verbose debugging – the highest level of communicativeness

• Debugging

• Informational – default level of communicativeness which is

used for writing standard events

• Notiﬁcation

• Warning – the lowest level of communicativeness

Tab l e 27: WiFi conﬁguration

Figure 25: WiFi konﬁgurace

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.16 WLAN conﬁguration

This item is available only if the router is equipped with a WiFi module.

The form for conﬁguration of WiFi network and DHCP server functioning on this network can be invoked by pressing the WLAN item in the main menu of the router web interface. Enable WLAN interface check box at the top of this form is used to activate WIFi LAN interface. It is also possible to set the following properties:

Item description

Operating Mode WiFi operating mode:

1. CONFIGURATION OVER WEB BROWSER

• access point (AP) – router becomes an access point to

which other devices in station (STA) mode can be connected

• station (STA) – router becomes a client station, it means

that receives data packets from the available access point

(AP) and sends data from cable connection via wiﬁ network

DHCP Client Activates/deactivates DHCP client

IP Address Fixed set IP address of WiFi network interface

Subnet Mask Subnet mask of WiFi network interface

Bridged Activates bridge mode:

• no – Bridged mode is not allowed (it’s default value). WLAN

network is not connected with LAN network of the router.

• yes – Bridged mode is allowed. WLAN network is connected

with one or more LAN network of the router. In this case, the setting of most items in this table is ignored. Instead, it takes setting of selected network interface (LAN).

Default Gateway IP address of default gateway. When entering IP address of de-

fault gatewa y, all packets for which the record was not found in the routing table are sent to this address.

DNS Server Address to which all DNS queries are forwarded

Tab l e 28: WLAN conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Use Enable dynamic DHCP leases item at the bottom of this form to enable dynamic allocation of IP addresses using DHCP server. It is also possible to specify these values:

Item Description

IP Pool Start Beginning of the range of IP addresses which will be assigned to DHCP

IP Pool End End of the range of IP addresses which will be assigned to DHCP clients

Lease Time Time in seconds for which the client may use the IP address

All changes in settings will apply after pressing the Apply button.

1. CONFIGURATION OVER WEB BROWSER

clients

Tab l e 29: Conﬁguration of DHCP server

Figure 26: WL AN conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.17 Backup Routes

Using the conﬁguration form on the Backup Routes page can be set backing up primary connection by other connections to internet/mobile network. For each back up connection can be deﬁned a priority. Own switching is done based on set priorities and state of the connection (for Primary LAN and Secondary LAN).

If Enable backup routes switching option is checked, the default route is selected according to the settings below. Namely according to status of enabling each of backup route (i.e.

Enable backup routes switching for Mobile WAN, Enable backup routes switching for PPPoE, Enable backup routes switching for WiFi STA, Enable backup routes switching for Primary LAN or Enable backup routes switching for Secondary LAN), according to explicitly set

priorities and according to status of connection check (if it is enabled). In addition, network interfaces belonging to individual backup routes have checked a ﬂag RUNNING. This check ﬁxes for example disconnecting of an ethernet cable.

If Enable backup routes switching option is not checked, Backup routes system operates in the so-called backward compatibility mode. The default route is selected based on implicit priorities according to the status of enabling settings for each of network interface, as the case may be enabling services that set these network interfaces. Names of backup routes and corresponding network interfaces in order of implicit priorities:

1. CONFIGURATION OVER WEB BROWSER

• Mobile WAN (pppX, usbX)

• PPPoE (ppp0)

• Secondary LAN (eth1)

• Primary LAN (eth0)

Example:

Secondary LAN is selected as the default route only if Create connection to mobile network option is not checked on the Mobile WAN page, alternatively if Create PPPoE connection option is not checked on the PPPoE page. To select the Primary LAN it is also necessary not to be entered IP address for Secondary LAN and must not be enabled DHCP Client for Secondary LAN.

Item

Priority Pr iority for the type of connection

Ping IP Address Destination IP address of ping queries to check the connection

Ping Interval The time intervals between sent ping queries

Description

(address can not be speciﬁed as a domain name)

Tab l e 30: Backup Routes

All changes in settings will be applied after pressing the Apply button.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1. CONFIGURATION OVER WEB BROWSER

Figure 27: Backup Routes

1.18 Firewall conﬁguration

The ﬁrst security element which incoming packets must pass is check of enabled source IP addresses and destination ports. It can be speciﬁed IP addresses from which you can remotely access the router and the internal network connected behind a router. If the Enable ﬁltering of incoming packets item is checked (located at the beginning of the conﬁguration form Firewall ), this element is enabled and accessibility is checked against the table with IP addresses. This means that access is permitted only addresses speciﬁed in the table. It is possible to deﬁne up to eight remote accesses. There are the following parameters:

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

Source IP address from which access to the router is allowed

Protocol Speciﬁes protocol for remote access:

Targ et Port The port number on which access to the router is allowed

Action Typ e of action:

1. CONFIGURATION OVER WEB BROWSER

• all – access is enabled for all protocols

• TCP – access is enabled for TCP protocol

• UDP – access is enabled for UDP protocol

• ICMP – access is enabled for ICMP protocol

• allow – access is allowed

• deny – access is denied

Tab l e 31: Filtering of incoming packets

The following part of the conﬁguration form deﬁnes the forwarding policy. If Enabled ﬁlter- ing of forwarded packets item is not checked, packets are automatically accepted. If this item is checked and incoming packet is addressed to another network interface, it will go to the FORWARD chain. In case that the FORWARD chain accepted this packet (there is a rule for its forwarding), it will be sent out. If the forwarding rule does not exist, packet will be dropped.

Then there is a table for deﬁning the rules. It is possible to allow all trafﬁc within the selected protocol (rule speciﬁes only protocol) or create stricter rules by specifying items for source IP address, destination IP address and port.

Item Description

Source IP address of source device

Destination IP address of destination device

Protocol Speciﬁes protocol for remote access:

• all – access is enabled for all protocols

• TCP – access is enabled for TCP protocol

• UDP – access is enabled for UDP protocol

• ICMP – access is enabled for ICMP protocol

Targ et Port The port number on which access to the router is allowed

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

Action Typ e of action:

There is also the possibility to drop a packet whenever request for service which is not in the router comes (check box named Enable ﬁltering of locally destinated packets). The packet is dropped automatically without any information.

As a protection against DoS attacks (this means attacks during which the target system is ﬂooded with plenty of meaningless requirements) is used option named Enable protection against DoS attacks which limits the number of connections per second for ﬁve.

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

• allow – access is allowed

• deny – access is denied

Tab l e 32: Forwarding ﬁltering

Figure 28: Firewall conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Example of the ﬁrewall conﬁguration:

The router has allowed the following access:

• from address 171.92.5.45 using any protocol

• from address 10.0.2.123 using TCP protocol on port 1000

• from address 142.2.26.54 using ICMP protocol

1. CONFIGURATION OVER WEB BROWSER

Figure 29: To pol o gy of example ﬁrewall conﬁguration

Figure 30: Example ﬁrewall conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.19 NAT conﬁguration

To enter the Network Address Tra nsl a ti o n conﬁguration, select the NA T menu item. NAT (Network address Tran sla tio n / Port address Tr ans lat i on - PAT) is a method of adjusting the network trafﬁc through the router default transcript and/or destination IP addresses often change the number of TCP/UDP port for walk-through IP packets. The window contains sixteen entries for the deﬁnition of NAT rules.

Item Description

Public Port Public por t

Private Port Private port

Typ e Protocol selection

Server IP address IP address which will be forwarded incoming data

1. CONFIGURATION OVER WEB BROWSER

Tab l e 33: NAT conﬁguration

If necessary set more than sixteen rules for NAT rules, then is possible insert into start up script following script:

iptables -t nat -A napt -p tcp --dport [PORT\_PUBLIC] -j DNAT --to-destination [IPADDR]:[PORT1\_PRIVATE]

Concrete IP address [IPADDR] and ports numbers [PORT_PUBLIC] and [PORT_PRIVATE] are ﬁlled up into square bracket.

The following items are used to set the routing of all incoming trafﬁc from the PPP to the connected computer.

Item Description

Send all remaining incoming packets to default server

Default Server IP Address Send all incoming packets to this IP addresses.

Tab l e 34: Conﬁguration of send all incoming packets

By checking this item and setting the Default Server item it is possible to put the router into the mode in which all incoming data from GPRS will be routed to the computer with the deﬁned IP address.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Enable the following options and enter the port number is allowed remote access to the router from PPP interface.

Item Description

Enable remote HTTP access on port If this item ﬁeld and port number is ﬁlled in, then

Enable remote HTTPS access on port If this item ﬁeld and port number is ﬁlled in, then

Enable remote FTP access on port Choice this item and port number makes it pos-

Enable remote SSH access on port Choice this item and port number makes it pos-

Enable remote Tel net access on port Choice this item and port number makes it pos-

Enable remote SNMP access on port Choice this item and port number makes it pos-

Masquerade outgoing packets Choice Masquerade (alternative name for the

1. CONFIGURATION OVER WEB BROWSER

conﬁguration of the router over web interface is possible (disabled in default conﬁguration).

sible to access over FTP (disabled in default conﬁguration).

sible to access over SSH (disabled in default conﬁguration).

sible to access over Te ln e t (disabled in default conﬁguration).

sible to access to SNMP agent (disabled in default conﬁguration).

NAT system) item option turns the system address translation NAT.

Tab l e 35: Remote access conﬁguration

Example of the conﬁguration with one connection equipment on the router:

Figure 31: To pol o gy of example NAT conﬁguration 1

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1. CONFIGURATION OVER WEB BROWSER

Figure 32: Example NAT conﬁguration 1

In these conﬁgurations it is important to have marked choice of Send all remaining incom- ing packets it default server, IP address in this case is the address of the device behind the router. Connected equipment behind the router must have set Default Gateway on the router. Connected device replies, while PING on IP address of SIM card.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Example of the conﬁguration with more connected equipment:

1. CONFIGURATION OVER WEB BROWSER

Figure 33: To pol o gy of example NAT conﬁguration 2

Figure 34: Example NAT conﬁguration 2

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

In this conﬁguration equipment wired behind the router deﬁnes the address Server IP Address. The router replies, while PING on address of SIM card. Access on web interface of the

equipment behind the router is possible by the help of Port Forwarding, when behind IP address of SIM is indicating public port of equipment on which we want to come up. At demand on port 80 it is surveyed singles outer ports (Public port), there this port isn’t deﬁned, therefore at check selection Enable remote http access it automatically opens the web interface router . If this choice isn’t selected and is selected volition Send all remaining incoming packets to the default server fulﬁll oneself connection on induction IP address. If it is not selected selection Send all remaining incoming packets to default ser ver and Default server IP address then connection requests a failure.

1.20 OpenVPN tunnel conﬁgur ation

OpenVPN tunnel conﬁguration can be called up by option OpenVPN item in the menu. OpenVPN tunnel allows protected connection of two networks LAN to the one which looks like one homogenous. In the OpenVPN Tu n nel s Conﬁguration window are two rows, each row for one conﬁgured OpenVPN tunnel.

1. CONFIGURATION OVER WEB BROWSER

Item Description

Create Enables the individual tunnels

Description Displays a name of the tunnel speciﬁed in the conﬁguration form

Edit Conﬁguration of OpenVPN tunnel

Tab l e 36: Overview OpenVPN tunnels

Figure 35: OpenVPN tunnels conﬁguration

Item Description

Description Description (or name) of tunnel

Protocol Communication protocol:

• UDP – OpenVPN will communicate using UDP

• TCP server – OpenVPN will communicate using TCP in

server mode

• TCP client – OpenVPN will communicate using TCP in

client mode

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

UDP/TCP port Port of the relevant protocol (UDP or TCP)

Remote IP Address IP address of opposite tunnel side (domain name can be used)

Remote Subnet IP address of a network behind opposite tunnel side

Remote Subnet Mask Subnet mask of a network behind opposite tunnel side

Redirect Gateway Allows to redirect all trafﬁc on Ethernet

Local Interface IP Address

Remote Interface IP Address

Ping Interval Deﬁnes the time interval after which sends a message to oppo-

Ping Timeout Deﬁnes the time interval during which the router waits for a mes-

Renegotiate Interval Sets renegotiate period (reauthorization) of the OpenVPN tun-

Max Fragment Size Deﬁnes the maximum size of a sent packet

Compression Sent data can be compressed:

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

Deﬁnes the IP address of a local interface

Deﬁnes the IP address of the interface of opposite tunnel side

site side of tunnel for checking the existence of the tunnel.

sage sent by the opposite side. For proper veriﬁcation of OpenVPN tunnel, Ping Timeout must be greater than Ping Interval.

nel. This parameter can be set only when Authenticate Mode is set to username/password or X.509 certiﬁcate. After this time period, router changes the tunnel encryption to ensure the continues safety of the tunnel.

• none – no compression is used

• LZO – a lossless compression is used (must be set on both

sides of the tunnel!)

NAT Rules Applies NAT rules to the OpenVPN tunnel:

• not applied – NAT rules are not applied to the OpenVPN

tunnel

• applied – NAT rules are applied to the OpenVPN tunnel

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

Authenticate Mode Sets authentication mode:

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

• none – no authentication is set

• Pre-shared secret – sets the shared key for both sides of

the tunnel

• Username/password – enables authentication using CA

Certiﬁcate, Username and Password

• X.509 Certiﬁcate (multiclient) – enables X.509 authenti

cation in multiclient mode

• X.509 Certiﬁcate (client) – enables X.509 authentication

in client mode

• X.509 Certiﬁcate (server) – enables X.509 authentication

in server mode

Pre-shared Secret Authentication using pre-shared secret can be used for all offered

authentication mode.

CA Certiﬁcate Auth. using CA Certiﬁcate can be used for username/password

and X.509 Certiﬁcate modes.

DH Parameters Protocol for exchange key DH parameters can be used for X.509

Certiﬁcate authentication in server mode.

Local Certiﬁcate This authentication certiﬁcate can be used for X.509 Certiﬁcate

authentication mode.

Local Private Key It can be used for X.509 Certiﬁcate authentication mode.

Username Authentication using a login name and password authentication

can be used for username/password mode.

Password Authentication using a login name and password authentication

can be used for username/password mode.

Extra Options Allows to deﬁne additional parameters of OpenVPN tunnel such

as DHCP options etc.

Tab l e 37: OpenVPN tunnels conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

The changes in settings will apply after pressing the Apply button.

1. CONFIGURATION OVER WEB BROWSER

Figure 36: OpenVPN tunnel conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Example of the OpenVPN tunnel conﬁguration:

1. CONFIGURATION OVER WEB BROWSER

Figure 37: To pol o gy of example OpenVPN conﬁguration

OpenVPN tunnel conﬁguration:

Conﬁguration

Protocol UDP UDP

UDP Port 1194 1194

Remote IP Address 10.0.0.2 10.0.0.1

Remote Subnet 192.168.2.0 192.168.1.0

Remote Subnet Mask 255.255.255.0 255.255.255.0

Local Interface IP Address 19.16.1.0 19.16.2.0

Remote Interface IP Address 19.16.2.0 19.18.1.0

Compression LZO LZO

Authenticate mode none none

Tab l e 38: Example OpenVPN conﬁguration

Examples of different options for conﬁguration and authentication of OpenVPN tunnel can

be found in the application note OpenVPN.

A B

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.21 IPsec tunnel conﬁgur ation

IPsec tunnel conﬁguration can be called up by option IPsec item in the menu. IPsec tunnel allows protected (encrypted) connection of two networks LAN to the one which looks like one homogenous. In the IPsec Tunn els Conﬁguration window are four rows, each row for one conﬁgured one IPsec tunnel.

Item Description

Create This item enables the individual tunnels.

Description This item displays the name of the tunnel speciﬁed in the conﬁg-

Edit Conﬁguration IPsec tunnel.

1. CONFIGURATION OVER WEB BROWSER

uration of the tunnel.

Tab l e 39: Overview IPsec tunnels

Figure 38: IPsec tunnels conﬁguration

Item Description

Description Name (description) of the tunnel

Remote IP Address IP address of remote side of the tunnel. It is also possible to enter

the domain name.

Remote ID Identiﬁer (ID) of remote side of the tunnel. It consists of two parts:

hostname and domain-name (more information can be found under the table).

Remote Subnet IP address of a network behind remote side of the tunnel

Remote Subnet Mask Subnet mask of a network behind remote side of the tunnel

Local ID Identiﬁer (ID) of local side of the tunnel. It consists of two parts:

hostname and domain-name (more information can be found under the table).

Local Subnet IP address of a local network

Local subnet mask Subnet mask of a local network

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

Encapsulation Mode IPsec mode (according to the method of encapsulation) – You

NAT traversal If address translation is used between two end points of the tun-

IKE Mode Deﬁnes mode for establishing connection (main or aggressive).

IKE Algorithm Way of algorithm selection:

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

can choose tunnel (entire IP datagram is encapsulated) or trans- port (only IP header).

nel, it needs to enable NAT Trave r sal .

If the aggressive mode is selected, establishing of IPsec tunnel will be faster, but encryption will set permanently on 3DES-MD5.

• auto – encryption and hash alg. are selected automatically

• manual – encryption and hash alg. are deﬁned by the user

IKE Encryption Encryption algorithm – 3DES, AES128, AES192, AES256

IKE Hash Hash algorithm – MD5 nebo SHA1

IKE DH Group Difﬁe-Hellman groups determine the strength of the key used in

the key exchange process. Higher group numbers are more secure, but require additional time to compute the key. Group with higher number provides more security, but requires more processing time.

ESP Algorithm Way of algorithm selection:

• auto – encryption and hash alg. are selected automatically

• manual – encryption and hash alg. are deﬁned by the user

ESP Encryption Encryption algorithm – DES, 3DES, AES128, AES192, AES256

ESP Hash Hash algorithm – MD5 nebo SHA1

PFS Ensures that derived session keys are not compromised if one of

the private keys is compromised in the future

PFS DH Group Difﬁe-Hellman group number (see IKE DH Group)

Key Lifetime Lifetime key data part of tunnel. The minimum value of this pa-

rameter is 60 s. The maximum value is 86400 s.

IKE Lifetime Lifetime key service part of tunnel. The minimum value of this

parameter is 60 s. The maximum value is 86400 s.

Rekey Margin Speciﬁes how long before connection expiry should attempt to

negotiate a replacement begin. Maximum value must be less than half of IKE and Key Lifetime parameters.

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

Rekey Fuzz Percentage extension of Rekay Margin time

DPD Delay Time after which the IPsec tunnel functionality is tested

DPD Timeout The period during which device waits for a response

Authenticate Mode Using this parameter can be set authentication:

Pre-shared Key Shared key for both sides of the tunnel to Pre-shared key authen-

CA Certiﬁcate Certiﬁcate for X.509 authentication

Remote Certiﬁcate Certiﬁcate for X.509 authentication

Local Certiﬁcate Certiﬁcate for X.509 authentication

Local Private Key Private key for X.509 authentication

Local Passphrase Passphrase for X.509 authentication

Extra Options Use this parameter to deﬁne additional parameters of the IPsec

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

• Pre-shared key – sets the shared key for both sides of the

tunnel

• X.509 Certiﬁcate – allows X.509 authentication in multi-

client mode

ticate

tunnel, for example secure parameters etc.

Tab l e 40: IPsec tunnel conﬁguration

IPsec supports the following types of identiﬁers (ID) of both tunnel sides (Remote ID and Local ID items):

• IP address (e.g. 192.168.1.1)

• DN (e.g. C=CZ,O=Vitriko,OU=TP,CN=A)

• FQDN (e.g. @director.vitriko.com) – in front of FQDN must always be @

• User FQDN (e.g. director@vitriko.com)

The certiﬁcates and private keys have to be in PEM format. As certiﬁcate it is possible to use only certiﬁcate which has start and stop tag certiﬁcate.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Random time, after which it will re-exchange of new keys are deﬁned:

Lifetime - (Rekey margin + random value in range (from 0 to Rekey margin * Rekey Fuzz/100))

By default, the repeated exchange of keys held in the time range:

• Minimal time: 1h - (9m + 9m) = 42m

• Maximal time: 1h - (9m + 0m) = 51m

When setting the times for key exchange is recommended to leave the default setting in which tunnel has guaranteed security. When set higher time, tunnel has smaller operating costs and smaller the safety. Conversely, reducing the time, tunnel has higher operating costs and higher safety of the tunnel.

The changes in settings will apply after pressing the Apply button.

1. CONFIGURATION OVER WEB BROWSER

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1. CONFIGURATION OVER WEB BROWSER

Figure 39: IPsec tunnels conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Example of the IPSec Tunn el conﬁguration:

1. CONFIGURATION OVER WEB BROWSER

Figure 40: To pol o gy of example IPsec conﬁguration

IPsec tunnel conﬁguration:

Conﬁguration

Remote IP Address 10.0.0.2 10.0.0.1

Remote Subnet 192.168.2.0 192.168.1.0

Remote Subnet Mask 255.255.255.0 255.255.255.0

Local Subnet 192.168.1.0 192.168.2.0

Local Subnet Mas: 255.255.255.0 255.255.255.0

Authenticate mode pre-shared key pre-shared key

Pre-shared key test test

Tab l e 41: Example IPsec conﬁguration

Examples of different options for conﬁguration and authentication of IPsec tunnel can be found in the application note IPsec.

A B

1.22 GRE tunnels conﬁgur ation

GRE is an unencrypted protocol.

To enter the GRE tunnels conﬁguration, select the GRE menu item. The GRE tunnel is used for connection of two networks to one that appears as one homogenous. It is possible to conﬁgure up to four GRE tunnels. In the GRE Tu nnel s Conﬁguration window are four rows, each row for one conﬁgured GRE tunnel.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

Create Enables the individual tunnels

Description Displays the name of the tunnel speciﬁed in the conﬁguration form

Edit Conﬁguration of GRE tunnel

1. CONFIGURATION OVER WEB BROWSER

Tab l e 42: Overview GRE tunnels

Figure 41: GRE tunnels conﬁguration

Item Description

Description Description of tunnel.

Remote IP Address IP address of the remote side of the tunnel

Local Interface IP Address

Remote Interface IP Address

Remote Subnet IP address of the network behind the remote side of the tunnel

Remote Subnet Mask Mask of the network behind the remote side of the tunnel

Multicasts Enables/disables multicast:

Pre-shared Key An optional value that deﬁnes the 32 bit shared key in numeric

IP address of the local side of the tunnel

IP address of the remote side of the tunnel

• disabled – multicast disabled

• enabled – multicast enabled

format, through which the ﬁltered data through the tunnel. This key must be deﬁned on both routers as same, otherwise the router will drop received packets. Using this key, the data do not provide a tunnel through.

Tab l e 43: GRE tunnel conﬁguration

Attention, GRE tunnel doesn’t connect itself via NAT.

The changes in settings will apply after pressing the Apply button.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1. CONFIGURATION OVER WEB BROWSER

Figure 42: GRE tunnel conﬁguration

Example of the GRE Tunn el conﬁguration:

Figure 43: To pol o gy of GRE tunnel conﬁguration

GRE tunnel Conﬁguration:

Conﬁguration

Remote IP Address 10.0.0.2 10.0.0.1

Remote Subnet 192.168.2.0 192.168.1.0

Remote Subnet Mask 255.255.255.0 255.255.255.0

Tab l e 44: Example GRE tunnel conﬁguration

A B

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.23 L2TP tunnel conﬁgur ation

L2TP is an unencrypted protocol.

To enter the L2TP tunnels conﬁguration, select the L2TP menu item. L2TP tunnel allows protected connection by password of two networks LAN to the one which it looks like one homogenous. The tunnels are active after selecting Create L2TP tunnel.

Item Description

Mode L2TP tunnel mode on the router side:

1. CONFIGURATION OVER WEB BROWSER

• L2TP server – in the case of a server must be deﬁned IP

address range offered by the server

• L2TP client – in case of client must be deﬁned the IP

address of the server

Server IP Address IP address of server

Client Start IP Address Start IP address in range, which is offered by server to clients

Client End IP Address End IP address in range, which is offered by server to clients

Local IP Address IP address of the local side of the tunnel

Remote IP Address IP address of the remote side of the tunnel

Remote Subnet Address of the network behind the remote side of the tunnel

Remote Subnet Mask The mask of the network behind the remote side of the tunnel

Username Username for login to L2TP tunnel

Password Password for login to L2TP tunnel

Tab l e 45: L2TP tunnel conﬁguration

The changes in settings will apply after pressing the Apply button.

Figure 44: L2TP tunnel conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Example of the L2TP Tunn el conﬁguration:

1. CONFIGURATION OVER WEB BROWSER

Figure 45: To pol o gy of example L2TP tunnel conﬁguration

Conﬁguration of the L2TP tunnel:

Conﬁguration

Mode L2TP Server L2TP Client

Server IP Address — 10.0.0.1

Client Start IP Address 192.168.1.2 —

Client End IP Address 192.168.1.254 —

Local IP Address 192.168.1.1 —

Remote IP Address — —

Remote Subnet 192.168.2.0 192.168.1.0

Remote Subnet Mask 255.255.255.0 255.255.255.0

Username username username

Password password password

Tab l e 46: Example L2TP tunel conﬁguration

A B

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.24 PPTP tunnel conﬁgur ation

PPTP is an unencrypted protocol.

To enter the PPTP tunnels conﬁguration, select the PPTP menu item. PPTP tunnel allows protected connection by password of two networks LAN to the one which it looks like one homogenous. It is a similar method of VPN execution as L2TP. The tunnels are active after selecting Create PPTP tunnel.

Item Description

Mode PPTP tunnel mode on the router side:

1. CONFIGURATION OVER WEB BROWSER

• PPTP server – in the case of a server must be deﬁned

IP address range offered by the server

• PPTP client – in case of client must be deﬁned the IP

address of the server

Server IP Address IP address of server

Local IP Address IP address of the local side of the tunnel

Remote IP Address IP address of the remote side of the tunnel

Remote Subnet Address of the network behind the remote side of the tunnel

Remote Subnet Mask The mask of the network behind the remote side of the tunnel

Username Username for login to PPTP tunnel

Password Password for login to PPTP tunnel

Tab l e 47: PPTP tunnel conﬁguration

The changes in settings will apply after pressing the Apply button.

Figure 46: PPTP tunnel conﬁguration

Since ﬁrmware 3.0.9 is added support for PPTP passthrough, which means that it is possible to create a tunnel through router.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Example of the PPTP Tunn el conﬁguration:

1. CONFIGURATION OVER WEB BROWSER

Figure 47: To pol o gy of example PPTP tunnel conﬁguration

Conﬁguration of the PPTP tunnel:

Conﬁguration

Mode PPTP Server PPTP Client

Server IP Address — 10.0.0.1

Local IP Address 192.168.1.1 —

Remote IP Address — —

Remote Subnet 192.168.2.0 192.168.1.0

Remote Subnet Mask 255.255.255.0 255.255.255.0

Username username username

Password password password

Tab l e 48: Example PPTP tunel conﬁguration

A B

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.25 DynDNS client conﬁgur ation

DynDNS client Conﬁguration can be called up by option DynDNS item in the menu. In the window can be deﬁned a third order domain registered on server www.dyndns.org.

Item Description

Hostname Third order domain registered on server www.dyndns.org

Username Username for login to DynDNS server

Password Password for login to DynDNS ser ver

Server If you want to use another DynDNS service than www.dyndns.org, then

1. CONFIGURATION OVER WEB BROWSER

enter the update server service to this item. If this item is left blank, it uses the default server members.dyndns.org.

Tab l e 49: DynDNS conﬁguration

Example of the DynDNS client conﬁguration with domain conel.dyndns.org:

Figure 48: Example of DynDNS conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.26 NTP client conﬁgur ation

NTP client Conﬁguration can be called up by option NTP item in the menu. NTP (Network Time Protocol) allows set the exact time to the router from the servers, which provide the exact time on the network.

By parameter Enable local NTP service router is set to a mode in which it operates as an NTP server for other devices in the LAN behind the router.

By parameter Enable local NTP service it is possible to set the router in mode, that it can serve as NTP server for other devices.

Item Description

Primary NTP Server Address

Secondary NTP Server Address

Timezone By this parameter it is possible to set the time zone of the router

Daylight Saving Time Using this parameter can be deﬁned time shift:

1. CONFIGURATION OVER WEB BROWSER

IP or domain address primary NTP server.

IP or domain address secondary NTP server.

• No – time shift is disabled

• Yes – time shift is allowed

Tab l e 50: NTP conﬁguration

Example of the NTP conf. with set primary (ntp.cesnet.cz) and secondary (tik.cesnet.cz) NTP server and with daylight saving time:

Figure 49: Example of NTP conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.27 SNMP conﬁgur ation

To enter the SNMP conﬁguration it is possible with SNMP agent v1/v2 or v3 conﬁguration which sends information about the router, eventually about the status of the expansion port CNT or MBUS.

SNMP (Simple Network Management Protocol) provides status information about network elements such as routers or end computers.

Item Description

Name Designation of the router.

Location Placing of the router.

Contact Person who manages the router together with information how to contact

1. CONFIGURATION OVER WEB BROWSER

this person.

Tab l e 51: SNMP agent conﬁguration

Enabling SNMPv1/v2 is performed using the Enable SNMPv1/v2 access item. It is also necessary to deﬁne a password for access to the SNMP agent (Community). Standardly is used public that is predeﬁned.

The Enable SNMPv3 access item allows you to enable SNMPv3. Then you must deﬁne the following parameters:

Item

Username User name

Authentication Encryption algorithm on the Authentication Protocol that is

Authentication Password Password used to generate the key used for authentication.

Privacy Encryption algorithm on the Privacy Protocol that is used to

Privacy Password Password for encryption on the Privacy Protocol.

In addition, you can continue with this conﬁguration:

• By choosing Enable I/O extension it is possible to monitor binary inputs I/O on the router.

Description

used to ensure the identity of users.

ensure conﬁdentiality of data.

Tab l e 52: SNMPv3 conﬁguration

• By choosing Enable XC-CNT extension it is possible to monitor the expansion port CNT

inputs and outputs status.

• By choosing Enable M-BUS extension and enter the Baudrate, Parity and Stop Bits it is

possible to monitor the meter status connected to the expansion port MBUS status.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

Baudrate Communication speed.

Parity Control parity bit:

Stop Bits Number of stop bit.

Parameters Enable XC-CNT extension and Enable M-BUS extension can not be checked together.

By choosing Enable reporting to supervisory system and enter the IP Address and Period it is possible to send statistical information to the monitoring system R-SeeNet.

1. CONFIGURATION OVER WEB BROWSER

• none – data will be sent without parity

• even – data will be sent with even parity

• odd – data will be sent with odd parity

Tab l e 53: SNMP conﬁguration (MBUS extension)

Item Description

IP Address IP address

Period Period of sending statistical information (in minutes)

Tab l e 54: SNMP conﬁguration (R-SeeNet)

Every monitor value is uniquely identiﬁed by the help of number identiﬁer OID – Object Identiﬁer. For binary input and output the following range of OID is used:

OID Description

.1.3.6.1.4.1.30140.2.3.1.0 Binary input BIN0 (values 0,1)

.1.3.6.1.4.1.30140.2.3.2.0 Binary output OUT0 (values 0,1)

Tab l e 55: Object identiﬁer for binary input and output

For the expansion port CNT the following range of OID is used:

OID Description

.1.3.6.1.4.1.30140.2.1.1.0 Analogy input AN1 (range 0-4095)

.1.3.6.1.4.1.30140.2.1.2.0 Analogy input AN2 (range 0-4095)

.1.3.6.1.4.1.30140.2.1.3.0 Counter input CNT1 (range 0-4294967295)

.1.3.6.1.4.1.30140.2.1.4.0 Counter input CNT2 (range 0-4294967295)

.1.3.6.1.4.1.30140.2.1.5.0 Binary input BIN1 (values 0,1)

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

OID Description

.1.3.6.1.4.1.30140.2.1.6.0 Binary input BIN2 (values 0,1)

.1.3.6.1.4.1.30140.2.1.7.0 Binary input BIN3 (values 0,1)

.1.3.6.1.4.1.30140.2.1.8.0 Binary input BIN4 (values 0,1)

.1.3.6.1.4.1.30140.2.1.9.0 Binary output OUT1 (values 0,1)

For the expansion port M-BUS the following range of OID is used:

OID Description

.1.3.6.1.4.1.30140.2.2.<address>.1.0 IdNumber – meter number

.1.3.6.1.4.1.30140.2.2.<address>.2.0 Manufacturer

.1.3.6.1.4.1.30140.2.2.<address>.3.0 Version – speciﬁed meter version

.1.3.6.1.4.1.30140.2.2.<address>.4.0 Medium – type of metered medium

.1.3.6.1.4.1.30140.2.2.<address>.5.0 Status – errors report

.1.3.6.1.4.1.30140.2.2.<address>.6.0 0. VIF – value information ﬁeld

.1.3.6.1.4.1.30140.2.2.<address>.7.0 0. measured value

.1.3.6.1.4.1.30140.2.2.<address>.8.0 1. VIF – value information ﬁeld

.1.3.6.1.4.1.30140.2.2.<address>.9.0 1. measured value

.1.3.6.1.4.1.30140.2.2.<address>.10.0 2. VIF – value information ﬁeld

.1.3.6.1.4.1.30140.2.2.<address>.11.0 2. measured value

.1.3.6.1.4.1.30140.2.2.<address>.12.0 3. VIF – value information ﬁeld

.1.3.6.1.4.1.30140.2.2.<address>.13.0 3. measured value .

. .

.1.3.6.1.4.1.30140.2.2.<address>.100.0 47. VIF – value information ﬁeld

.1.3.6.1.4.1.30140.2.2.<address>.101.0 47. measured value

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

Tab l e 56: Object identiﬁer for CNT port

. . .

Tab l e 57: Object identiﬁer for M-BUS port

The meter address can be from range 0..254 when 254 is broadcast.

Since ﬁrmware 3.0.4 all v2 routers with board RB-v2-6 and newer provide information about internal temperature of device (OID 1.3.6.1.4.1.30140.3.3) and power voltage (OID

1.3.6.1.4.1.30140.3.4).

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Example of SNMP settings and readout:

1. CONFIGURATION OVER WEB BROWSER

Figure 50: Example of SNMP conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1. CONFIGURATION OVER WEB BROWSER

Figure 51: Example of the MIB browser

It is important to set the IP address of the SNMP agent (router) in ﬁeld Remote SNMP agent. After enter the IP address is in a MIB tree part is possible show object identiﬁer.

The path to objects is:

iso → org → dod → internet → private → enterprises → conel → protocols

The path to information about router is:

iso → org → dod → internet → mgmt → mib-2 → system

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.28 SMTP conﬁgur ation

To enter the SMTP it is possible conﬁgure SMTP (Simple Mail Tran sfer Protocol) client, which is set by sending emails.

Item Description

SMTP Server Address IP or domain address of the mail server.

Username Name to email account.

Password Password to email account.

Own Email Address Address of the sender.

Mobile operator can block other SMTP servers, then you can use only the SMTP server of operator.

1. CONFIGURATION OVER WEB BROWSER

Tab l e 58: SMTP client conﬁguration

Example settings SMTP client:

Figure 52: SMTP conﬁguration

E-mail can be send from the Startup script. This command is used to email with following parameters.

• -t receiver Email address

• -s subject

• -m message

• -a appendix

• -r number of attempts to send email (default set 2 attempts)

Commands and parameters can be entered only in lowercase.

Example to send email:

email –t name@domain.com –s "subject" –m "message" –a c:\directory\abc.doc –r 5

This command sends e-mail to address jack@google.com with the subject "subject", body message "message" and annex "abc.doc" right from the directory c:\directory\and 5 attempts to send.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.29 SMS conﬁgur ation

For industrial router XR5i v2 is not available SMS Conﬁguration item.

SMS Conﬁguration can be called up by option SMS item in the menu. SMS conﬁguration deﬁnes the options for sending SMS messages from the router at different deﬁned events and states of the router. In the ﬁrst part of window it conﬁguration send SMS.

Item Description

Send SMS on power up Automatic sending of SMS messages after power up.

Send SMS on connect to mobile network

Send SMS on disconnect to mobile network

Send SMS when datalimit exceeded

Send SMS when binary input on I/O port (BIN0) is active

Send SMS when binary input on expansion port (BIN1 – BIN4) is active

Add timestamp to SMS Adds time stamp to sent SMS messages. This stamp

Phone Number 1 Telep hon e numbers for sending automatically gener-

Phone Number 2 Telep hon e numbers for sending automatically gener-

Phone Number 3 Telep hon e numbers for sending automatically gener-

Unit ID The name of the router that will be sent in an SMS.

BIN0 – SMS SMS text messages when activate the binary input on

BIN1 – SMS SMS text messages when activate the binary input

BIN2 – SMS SMS text messages when activate the binary input on

BIN3 – SMS SMS text messages when activate the binary input on

1. CONFIGURATION OVER WEB BROWSER

Automatic sending SMS message after connection to mobile network.

Automatic sending SMS message after disconnection to mobile network.

Automatic sending SMS message after datalimit exceeded.

Automatic sending SMS message after binary input on I/O port (BIN0) is active. Tex t of message is intended parameter BIN0.

Automatic sending SMS message after binary input on expansion port (BIN1 – BIN4) is active. Tex t of message is intended parameter BIN1 – BIN4.

has a ﬁxed format YYYY-MM-DD hh:mm:ss.

ated SMS.

the router.

on the expansion port.

the router.

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

BIN4 – SMS SMS text messages when activate the binary input on

In the second part of the window it is possible to set function Enable remote control via SMS. After this it is possible to establish and close connection by SMS message.

Item Description

Phone Number 1 This control can be conﬁgured for up to three numbers. If is set

Phone Number 2 This control can be conﬁgured for up to three numbers. If is set

Phone Number 3 This control can be conﬁgured for up to three numbers. If is set

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

the router.

Tab l e 59: Send SMS conﬁguration

Enable remote control via SMS, all incoming SMS are processed and deleted. In the default settings this parameter is turned on.

Tab l e 60: Control via SMS conﬁguration

If no phone number is ﬁlled in, then it is possible to restart the router with the help of SMS in the form of Reboot from any phone number. While ﬁlling of one, two or three numbers it is possible to control the router with the help of an SMS sent only from these numbers. While ﬁlling of sign "*" it is possible control the router with the help of an SMS sent from every numbers.

Control SMS message doesn’t change the router conﬁguration. If the router is switched to ofﬂine mode by the SMS message the router will be in this mode up to next restart. This behavior is the same for all control SMS messages.

It is possible to send controls SMS in the form:

SMS

go online sim 1 Switch to SIM1 card

go online sim 2 Switch to SIM2 card

go online Switch router in online mode

go ofﬂine connection termination

set out0=0 Set output I/O connector on 0

set out0=1 Set output I/O connector on 1

Description

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

SMS Description

set out1=0 Set output expansion port XC-CNT on 0

set out1=1 Set output expansion port XC-CNT on 1

set proﬁle std Set standard proﬁle

set proﬁle alt1 Set alternative proﬁle 1

set proﬁle alt2 Set alternative proﬁle 2

set proﬁle alt3 Set alternative proﬁle 3

reboot Router reboot

get ip Router send answer with IP address SIM card

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

Tab l e 61: Control SMS

By choosing Enable AT- S M S protocol on expansion port 1 and Baudrate it is possible to send/receive an SMS on the serial Port 1.

Item Description

Baudrate Communication speed expansion port 1

Tab l e 62: Send SMS on serial PORT1 conﬁguration

By choosing Enable AT- SM S protocol on expansion port 2 and Baudrate it is possible to send/receive an SMS on the serial Port 2.

Item Description

Baudrate Communication speed expansion port 2

Tab l e 63: Send SMS on serial PORT2 conﬁguration

By choosing Enable AT-S MS protocol on TCP por t and enter the TCP port it is possible to send/receive an SMS on the TCP port. SMS messages are sent by the help of a standard AT commands.

Item

TCP Port TCP port on which will be allowed to send/receive SMS messages.

Description

Tab l e 64: Send SMS on ethernet PORT1 conﬁguration

1.29.1 Send SMS

After establishing connection with the router via serial interface or Ethernet, it is possible to use AT commands for work with SMS messages.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

The following table only lists the commands that are supported by Vitriko’s routers. For other AT commands is always sent OK response. There is no support for treatment of complex AT commands, so in such a case router sends ERROR response.

AT Command Description

AT+C GM I Returns the manufacturer speciﬁc identity

AT+C GM M Returns the manufacturer speciﬁc model identity

AT+C GM R Returns the manufacturer speciﬁc model revision identity

AT+C GPA DD R Displays the IP address of the ppp0 interface

AT+C GS N Returns the product serial number

AT+C IM I Returns the International Mobile Subscriber Identity number (IMSI)

AT+C MG D Deletes a message from the location

AT+C MG F Sets the presentation format of short messages

AT+C MG L Lists messages of a certain status from a message storage area

AT+C MG R Reads a message from a message storage area

AT+C MG S Sends a short message from the device to entered tel. number

AT+C MGW Writes a short message to SIM storage

AT+C MS S Sends a message from SIM storage location value

AT+C OPS ? Identiﬁes the available mobile networks

AT+C PI N Is used to query and enter a PIN code

AT+C PM S Selects SMS memory storage types, to be used for short message

AT+C RE G Displays network registration status

AT+C SCA Sets the short message service centre (SMSC) number

AT+C SC S Selects the character set

AT+C SQ Returns the signal strength of the registered network

AT+G MI Returns the manufacturer speciﬁc identity

AT+G MM Returns the manufacturer speciﬁc model identity

AT+G MR Returns the manufacturer speciﬁc model revision identity

AT+G SN Returns the product serial number

ATE Determines whether or not the device echoes characters

ATI Tran s mi t s the manufacturer speciﬁc information about the device

1. CONFIGURATION OVER WEB BROWSER

operations

Tab l e 65: List of AT commands

A detailed description and examples of these AT commands can be found in the application note AT commands.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

After powering up the router, at the mentioned the phone number comes SMS in this form:

Router (Unit ID) has been powered up. Signal strength –xx dBm.

After connect to mobile network, at the mentioned phone number comes SMS in this form:

Router (Unit ID) has established connection to mobile network. IP address xxx.xxx.xxx.xxx

After disconnect to mobile network, at the mentioned phone number comes SMS in this form:

Router (Unit ID) has lost connection to mobile network. IP address xxx.xxx.xxx.xxx

Conﬁguration of sending this SMS is following:

1. CONFIGURATION OVER WEB BROWSER

Figure 53: Example of SMS conﬁguration 1

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Example of the router conﬁguration for SMS sending via serial interface on the PORT1:

1. CONFIGURATION OVER WEB BROWSER

Figure 54: Example of SMS conﬁguration 2

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Example of the router conﬁguration for controlling via SMS from every phone numbers:

1. CONFIGURATION OVER WEB BROWSER

Figure 55: Example of SMS conﬁguration 3

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Example of the router conﬁguration for controlling via SMS from two phone numbers:

1. CONFIGURATION OVER WEB BROWSER

Figure 56: Example of SMS conﬁguration 4

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.30 Expansion port conﬁguration

Conﬁguring of the expansion ports PORT1 and PORT2 can cause selecting Expansion Port 1 or Expansion Port 2.

Item Description

Baudrate Applied communication speed.

Data Bits Number of data bits.

Parity Control parity bit

Stop Bits Number of stop bit.

Split Timeout Time to rupture reports. If you receive will identify the gap between two

Protocol Protocol:

1. CONFIGURATION OVER WEB BROWSER

• none – will be sent without parity

• even – will be sent with even parity

• odd – will be sent with odd parity

characters, which is longer than the parameter value in milliseconds. Then all of the received data compiled and sent the message.

• TCP – communication using a linked protocol TCP

• UDP – communication using a unlinked protocol UDP

Mode Mode of connection:

• TCP server – router will listen to incoming requests about TCP

connection

• TCP client – router will connect to a TCP server on the speciﬁed

IP address and TCP port

Server Address In mode TCP client it is necessary to enter the Server address and

ﬁnal TCP port.

TCP Port In both modes of connection is necessary to specify the TCP port on

which the router will communicate TCP connections.

Tab l e 66: Expansion PORT conﬁguration 1

After check Check TCP connection, it activates established of TCP connection.

Item Description

Keepalive Time Time, after which it will carry out veriﬁcation of the connection

Keepalive Interval Waiting time on answer

Keepalive Probes Number of tests

Tab l e 67: Expansion PORT conﬁguration 2

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

When you select items Use CD as indicator of the TCP connection is activated function indication TCP connection using signal CD (DTR on the router).

CD Description

Active TCP connection is on

Nonactive TCP connection is off

When you select items Use DTR as control of TCP connection is activated function control TCP connection using signal DTR (CD on the router).

1. CONFIGURATION OVER WEB BROWSER

Tab l e 68: CD signal description

DTR

Active The router allows establishing a TCP

Nonactive The router does not permit establishing

The changes in settings will apply after pressing the Apply button.

Description server Description client

Router starts TCP connection

connection

Router stops TCP connection

a TCP connection

Tab l e 69: DTR signal description

Figure 57: Expansion port conﬁguration

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Example of external port conﬁguration:

1. CONFIGURATION OVER WEB BROWSER

Figure 58: Example of expansion port conﬁguration 1

Figure 59: Example of expansion port conﬁguration 2

Since ﬁrmware 3.0.9 all v2 routers provide a program called getty which allows user to connect to the router via the serial line (router must be ﬁtted with an expansion port RS232!). Getty displays the prompt and after entering the username passes it on login program, which asks for a password, veriﬁes it and runs the shell. After logging in, it is possible to manage the system as well as a user is connected via telnet.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.31 USB port conﬁguration

The USB port conﬁguration can be called up by airbrush option USB Port in menu. Conﬁguration can be done, if we have USB/RS232 converter.

Item Description

Baudrate Applied communication speed.

Data Bits Number of data bits.

Parity Control parity bit:

Stop Bits Number of stop bit.

Split Timeout Time to rupture reports. If you receive will identify the gap between

Protocol Communication protocol:

1. CONFIGURATION OVER WEB BROWSER

• none – will be sent without parity

• even – will be sent with even parity

• odd – will be sent with odd parity

two characters, which is longer than the parameter value in milliseconds. Then all of the received data compiled and sent the message.

• TCP – communication using a linked protocol TCP

• UDP – communication using a unlinked protocol UDP

Mode Mode of connection:

• TCP server – router will listen to incoming requests about TCP

connection

• TCP client – router will connect to a TCP server on the speci

ﬁed IP address and TCP port

Server Address In mode TCP client it is necessary to enter the Server address and

ﬁnal TCP port.

TCP Port In both modes of connection is necessar y to specify the TCP port on

which the router will communicate TCP connections.

Tab l e 70: USB port conﬁguration 1

After check Check TCP connection, it activates veriﬁcation of established TCP connection.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Item Description

Keepalive Time Time, after which it will carry out veriﬁcation of the connection

Keepalive Interval Waiting time on answer

Keepalive Probes Number of tests

When you select items Use CD as indicator of the TCP connection is activated function indication TCP connection using signal CD (DTR on the router).

CD Description

Active TCP connection is on

Nonactive TCP connection is off

1. CONFIGURATION OVER WEB BROWSER

Tab l e 71: USB PORT conﬁguration 2

Tab l e 72: CD signal description

When you select items Use DTR as control of TCP connection is activated function control TCP connection using signal DTR (CD on the router).

DTR

Active The router allows establishing a TCP

Nonactive The router does not permit establishing

Supported USB/RS232 converters:

• FTDI

• Proliﬁc PL2303

• Silicon Laboratories CP210×(supported from ﬁrmware version 3.0.1)

The changes in settings will apply after pressing the Apply button

Description server Description client

Router starts TCP connection

connection

Router stops TCP connection

a TCP connection

Tab l e 73: DTR signal description

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1. CONFIGURATION OVER WEB BROWSER

Figure 60: USB conﬁguration

Example of USB port conﬁguration:

Figure 61: Example of USB port conﬁguration 1

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1. CONFIGURATION OVER WEB BROWSER

Figure 62: Example of USB port conﬁguration 2

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.32 Startup script

In the window Startup Script it is possible to create own scripts which will be executed after all initial scripts.

The changes in settings will apply after pressing the Apply button.

1. CONFIGURATION OVER WEB BROWSER

Figure 63: Startup script

Change take effect after shut down and witch on router by the help of button Reboot in web administration or by SMS message.

Example of Startup script: When start the router, stop syslogd program and start syslogd with remote logging on address 192.168.2.115 and limited to 100 entries listing.

Figure 64: Example of Startup script

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.33 Up/Down script

In the window Up/Down Script it is possible to create own scripts. In the item Up script is deﬁned scripts, which begins after establishing a PPP/WAN connection. In the item Down Script is deﬁnes script, which begins after lost a PPP/WAN connection.

The changes in settings will apply after pressing the Apply button.

1. CONFIGURATION OVER WEB BROWSER

Figure 65: Up/Down script

Example of UP/Down script: After establishing or lost a connection, the router sends an email with information about establishing or loss a connection.

Figure 66: Example of Up/Down script

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.34 Automatic update conﬁguration

In the window Automatic update it is possible to set automatic conﬁguration update. This choice enables that the router automatically downloads the conﬁguration and the newest ﬁrmware from the server itself. The conﬁguration and ﬁrmware are stores on the server. To prevent possible manipulation of the update, downloaded ﬁle (tar.gz format) is controlled. At ﬁrst, format of the downloaded ﬁle is checked. Then there is controlled type of architecture and each ﬁle in the archive (tar.gz ﬁle).

By Enable automatic update of conﬁguration it is possible to enable automatic conﬁguration update and by Enable automatic update of ﬁrmware it is possible to enable ﬁrmware update.

Item Description

Source In the item source can be set, where new ﬁrmware download:

Base URL By parameter Base URL it is possible to enter base part of the domain

Unit ID Name of conﬁguration. If the Unit ID is not ﬁlled, then as the ﬁle name

Update Hour Use this item to set the hour (range 1-24) in which automatic update will

1. CONFIGURATION OVER WEB BROWSER

• HTTP/FTP server – new ﬁrmware or conﬁguration look at address in the Base URL item.

• USB ﬂash drive – Router ﬁnds current ﬁrmware or conﬁguration in the root directory of the connected USB device.

• Both – looking for the current ﬁrmware or conﬁguration from both sources.

or IP address, from which the conﬁguration ﬁle will be downloaded.

used the MAC address of the router. (The delimiter is a colon is used instead of a dot.)

be performed every day. If the time is not speciﬁed, automatic update is per formed ﬁve minutes after turning on the router and then every 24 hours. In the event of a different conﬁguration at the speciﬁed URL router downloads this conﬁguration and restarts itself.

Tab l e 74: Automatic update conﬁguration

The conﬁguration ﬁle name is from parameter Base URL, hardware MAC address of ETH0 interface and cfg extension. Hardware MAC address and cfg extension is connected automatically and it isn’t needed to enter this. By parameter Unit ID enabled it deﬁnes the concrete conﬁguration name which will be download to the router. When using parameter Unit ID, hardware MAC address in conﬁguration name will not be used.

The ﬁrmware ﬁle name is from parameter Base URL, type of router and bin extension.

It is necessary to load two ﬁles (.bin and .ver) to the HTTP/FTP server. If there is uploaded only the .bin ﬁle and the HTTP server send wrong answer 200 OK (instead of expected 404 Not Found ) when the device try to download the nonexistent .ver ﬁle, then there is a high risk that the router will download the .bin ﬁle over and over again.

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

The following examples ﬁnd if there is a new ﬁrmware or conﬁguration each day at 1:00 in the morning. An example is given on the type of router ER75i v2.

• Firmware: http://router.cz/er75i-v2.bin

• Conﬁguration ﬁle: http://router.cz/temelin.cfg

1. CONFIGURATION OVER WEB BROWSER

Figure 67: Example of automatic update 1

The following examples ﬁnd if there is a new ﬁrmware or conﬁguration each day at 1:00 in the morning. An example is given on the type of router ER75i v2 with MAC address 00:11:22:33:44:55.

• Firmware: http://router.cz/er75i-v2.bin

• Conﬁguration ﬁle: http://router.cz/00.11.22.33.44.55.cfg

Figure 68: Example of automatic update 2

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

1.35 User modules

Conﬁguration of user modules can be accessed by selecting the User Modules item. It is possible to add new modules, delete them or switch to their conﬁguration. Use the Browse button to select the user module (compiled module has tgz extension). The module is added using the Add button.

Added module appears in the list of modules on the same page. If the module contains index.html or index.cgi page, module name serves as a link to this page. The module can be deleted using the Delete button.

Updating of the module can be done in the same way like adding a new module. Module with a higher (newer) version will replace the existing module. The current module conﬁguration is kept in same state.

Programming and compiling of modules are described in the programming guide.

1. CONFIGURATION OVER WEB BROWSER

Figure 69: User modules

Figure 70: Added user module

There are for example these user’s modules:

Module name

MODBUS TCP2RTU Provides a conversion of MODBUS TCP/IP protocol to MDBUS

Easy VPN client Provides secure connection of LAN network behind our router

NMAP Allows to do TCP and UDP scan.

Daily Reboot Allows to perform daily reboot of the router at the speciﬁed time.

HTTP Authentication Adds the process of authentication to a server that doesn’t pro-

BGP, RIP, OSPF Add support of dynamic protocols.

PIM SM Adds support of multicast routing protocol PIM-SM.

Description

RTU protocol, which can be operated on the serial line.

with LAN network behind CISCO router.

vide this service.

Continued on next page

Contact www.vitriko.com info@vitriko.com

VITRIKO

Mobile Data Experts

Module name Description

WMBUS Concentrator Allows to receive messages from WMBUS meters and saves

pduSMS Sends short messages (SMS) to speciﬁed number.

GPS Allows v2 router to provide location and time information in all

Pinger Allows to manually or automatically verify the functionallity of

IS-IS Add support of IS-IS protocol.

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

contents of these messages to XML ﬁle.

weather, anywhere on or near the Earth, where there is an unobstructed line of sight to four or more GPS satellites.

the connection between two network interfaces (ping).

Tab l e 75: User modules

Attention, in the case of modules which are dependent on the version of linux kernel (these are SmsBE and PoS Conﬁguration), it is necessary to distinguish for which kernel (ﬁrewall) are intended.

1.36 Change proﬁle

To open the dialog box for changing proﬁle select the Change Proﬁle menu item. Proﬁle switch is making by press the button Apply. Change take effect after restarting router by the help of button Reboot in web administration or by SMS message. It is possible select the standard proﬁle or up to three alternative proﬁles. It is possible to copy actual conﬁguration to selected conﬁguration by selecting Copy settings from current proﬁle to selected proﬁle.

Example of usage proﬁles: Proﬁles can be used for example to switch between different modes of operation of the router (router has compiled a connection, the router has not compiled a connection and the router creates a tunnel to the service center). Change the proﬁle can then be done using a binary input, SMS or Web interface of the router.

Figure 71: Change proﬁle

Contact www.vitriko.com info@vitriko.com

Vitriko XR5i v2, ER75i v2, UR5i v2, LR77 v2 Configuration Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

1.2 General

1.2.1 Mobile Connection

1.2.2 Primary LAN

1.2.3 Peripheral Ports

1.2.4 System Information

1.3 Mobile WAN status

1.4 WiFi

1.5 WiFi Scan

1.6 Network status

1.7 DHCP status

1.8 IPsec status

1.9 DynDNS status

1.10 System Log

1.13.1 Connection to mobile network

1.17 Backup Routes

1.29.1 Send SMS

1.32 Startup script

1.33 Up/Down script

1.35 User modules