Eaton Eaton series, User Manual

Page 1: ...Broadband 4g LTE Cellular Router www aarrss com ...

Page 2: ...f this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures i Reorient or relocate the receiving antenna II Increase the separation between the equipment and receiver III Connect the equipment into an outlet on a circui...

Page 3: ...ort 5 1 10 RESET button 5 2 Getting started 6 2 1 Package contents 6 2 2 Device connections 6 2 3 Lan configuration 6 2 4 Cellular connections 6 3 645M web interface 7 3 1 Unit status 7 3 1 1 Status 7 3 1 2 System 10 3 1 3 Basic settings 11 3 2 Cell connection 11 3 2 1 Carrier 11 3 2 2 Settings 13 3 2 3 Dynamic DNS 14 3 2 4 System monitor 15 3 2 5 Other settings 16 3 2 6 Lan settings 16 3 3 Router...

Page 4: ...versus Ppublic IP addresses 46 4 4 Port forwarding 47 4 5 DMZ 47 4 6 Friendly IP address 47 5 IPsec and VPN pass phrough deployment guide 48 5 1 Benefits of IPsec 48 5 2 Configuration summary 48 5 2 1 Case 1 645M configured IPsec client 48 5 2 2 Case 2 645M configured to use a DMZ for VPN pass through 52 6 User I O port 53 6 1 Electrical characteristics 53 6 2 Input circuit for analog inputs 54 6 ...

Page 5: ...interfere with may be in use Do not operate in fuel depots chemical plants or blasting areas unless use has been approved and authorized Use care if operating in the vicinity of protected personal medical devices i e hearing aids and pacemakers Operation in the presence of other electronic equipment may cause interference if equipment is incorrectly protected Follow recommendations for installatio...

Page 6: ...rs countless software capabilities OEMs may tailor the 645M router by loading their application on the Open Developer Platform ODP which allows a Linux application to run on a partition of the embedded flash memory 1 1 Model identification The model identification label can be found on the bottom of your 645M router This label contains the product part number the serial number FCC and IC IDs as we...

Page 7: ...G Block TX 1850 1915 MHz Rx 1930 1995 MHz UMTS HSPA Band 1 2100 MHz TX 1920 1980 MHz Rx 2110 2170 MHz Band 2 1900 MHz TX 1850 1910 MHz Rx 1930 1990 MHz Band 4 AWS 1700 2100 MHz TX 1710 1755 MHz Rx 2110 2155 MHz Band 5 850 MHz TX 824 849 MHz Rx 869 894 MHz Band 8 900 MHz TX 880 915 MHz Rx 925 960 MHz GSM GPRS EDGE Band 2 PCS 1900 MHz TX 1850 1910 MHz Rx 1930 1990 MHz Band 3 DCS 1800 MHz TX 1710 178...

Page 8: ...rder Information Router Model Part Number 615M 1 LTE North America 615M 1 US 615M 1 LTE Rest of world 615M 1 EU 1 5 1 Mounting brackets A mounting bracket is provided with each ELPRO 615M For fixed location applications a flat plate bracket provides for low profile space saving mounting For applications requiring mounting to a DIN rail the included bracket can be used Table 3 645M mounting bracket...

Page 9: ...pins 9 32VDC power pin 1 and ground pin 2 Top pins optional ignition sense 3 and not connected 4 See diagram for compatible cable on the following page SIM SIM Card socket Interface for SIM card Mini SIM 2FF form factor Your wireless service provider will supply the SIM card with your wireless service contract COM 2 Molex 43650 0501 receptacle for 5 pin RS 232 TTL adapter 5 Pin TTL Serial Port Ava...

Page 10: ... 3 Ignition Sense White 4 No Connect NA Figure 6 Wiring for Ignition sense The fuse provided inside the fuse holder that is part of the wiring for mobile applications is a 2 Amp fast acting fuse EF2AL250VP 1 9 RS 232 RS 485 serial port Table 8 provides the serial cable design information to integrate the 645M modem into your system Table 9 gives the default RS 232 RS 485 communication parameters T...

Page 11: ...ble or optional AC power adapter to an applicable power source and plug the connector into the modem power PWR connector If using the fused power cable to connect to a DC supply car battery use the diagram in Figure 6 Wiring for Ignition sense and accompanying pin out information in Table 6 to connect the unit Figure 9 Connect antenna to ANT connector connect Ethernet cable to either LAN port and ...

Page 12: ...ed to delete browser history specifically Temporary Internet files for the pages of the web interface to display correctly Save apply and save On each screen you have the option to Save Apply or Save your configuration changes Save Apply commits the changes to persistent configuration files Save only stores the changes in volatile storage and changes can be reverted back to the original configurat...

Page 13: ...and time UTC received from the GPS receiver Mobile models or from a time server see Basic Settings Network Time System up time Uptime in hours minutes and seconds Current firmware version Firmware version currently loaded Please contact Eaton technical support for the latest updates Modem module model Model of the cellular modem installed Modem module version Displays the firmware version of the m...

Page 14: ...rrier When the unit is successfully provisioned the phone number for the user account will be displayed The MDN may display NOT AVAILABLE if the PIN status is disabled or the MDN is unknown IMEI The International Mobile Equipment Identity is a unique 15 digit number that serves as the serial number of the cellular module in the modem ICCID The Integrated Circuit Card Identifier is the primary acco...

Page 15: ...eceiver if installed Uptime The time since the router was last rebooted Load average The average number of processes in a runnable or non interruptible state for the past 1 5 and 15 minutes Memory The current memory usage broken out into Total Available Free Cached and Buffered categories DHCPv6 Leases The list of IPv4 and IPv6 leases given out to clients on the wired or wireless LAN interfaces by...

Page 16: ...ntly the router should synchronize with the server The router must have DNS access and a route to the internet to synchronize with the supplied default ntp org server this is not always true on private cellular networks The router does not save or track time while powered off so time will be inaccurate until the router can connect with the server which it does on startup in addition to synchronizi...

Page 17: ...y determine if the router receives a publicly routable WAN address Enter the APN provided by the carrier Username Username required by the cellular provider Leave blank if not required Password Password required by the cellular provider Leave blank if not required Authentication protocols Configure the authentication protocol to be used or none If no protocol is selected the default and recommende...

Page 18: ...b page change depending on the SIM status whether a PIN has been entered and whether PIN security is enabled or disabled The default setting for PIN security is disabled and you will see the status message Action PIN is disabled To change it it must be enabled first Note N Before enabling PIN security make sure you have the PIN provided by your wireless carrier To enter the PIN provided by your wi...

Page 19: ...pecified by the service provider Keywords in square brackets are replaced by their actual values Note N If the default Custom URL which references NO IP fails to update try the URL http USERNAME PASSWORD dynupdate noip com nic update hostname DOMAIN myip IP Username The username used when setting up the account Used to login to the Dynamic DNS service Password The password associated with the user...

Page 20: ...typical usage The total then can be extrapolated to estimate longer time periods This router updates these statistics once approximately every 30 seconds Press the Clear button to reset the totals to 0 Rx bytes The total number of bytes received by the modem from the cell network All statistics will be cleared automatically if this count exceeds 1 billion 1 000 000 000 Rx packets The total number ...

Page 21: ...ns where less capable equipment on the local LAN cannot cope with connections from multiple Host IP addresses Bind services to Eth IP UDP datagrams or TCP sockets from services inside the 645M Serial IO GPS normally appear to come from the interface LAN or WAN closest to the destination Enable this option to force the source address to be the LAN Ethernet IP address This can be useful if packets a...

Page 22: ...In many cases it is possible for the device to receive the same IP address after the lease time expires The default is set to 86400 seconds 1 day Sequential IP IP addresses are allocated sequentially from the start end range when checked Addresses are based on the device s hashed MAC address when unchecked this will tend to allocate the device the same IP address when connected to different 645M r...

Page 23: ...ll be forwarded to this IP address LAN port number Sets port number used when forwarding to the destination IP address Port forwarding configuration table This section contains user added port forwarding entries Edit Click the Edit button to edit an existing filter Delete Click the Delete button to delete an existing filter DMZ support DMZ is a host on the internal network that will receive all TC...

Page 24: ...n The user as defined filter number n match packet filter n The IP packet matches filter number n apply action n The action identified in filter number n Each criteria has an Any radio button that matches all values for that criteria Each criteria has an Exclude check box that inverts the sense of the match Filter number Each IP filter is identified by a unique number from 1 to 20 Use Add to creat...

Page 25: ... to the 645M unit LAN to 645M The IP packet is received from the LAN interface and is destined to the 645M unit WLAN to 645M The IP packet is received from the Wi Fi interface and is destined to the 645M unit An IP packet can ORIGINATE from the 645M unit 645M to WAN The IP packet is sent by the 645M unit to the WAN cellular interface 645M to LAN The IP packet is sent by the 645M unit to the LAN in...

Page 26: ...esses allowed to access the device and network whitelist or can be blocked from the device and network allowing all other addresses through blacklist LAN MAC filtering MAC filtering Select Allowed or Blocked to define the type of filter configured Name Name of the MAC filter rule MAC address Enter the MAC address for a device to be allowed or blocked on the network Comment Enter an optional commen...

Page 27: ...ying name for the entry in the Static Route table Destination IP address Sets the IP address of the destination network IP subnet mask Sets the subnet mask of the destination network Next hop Identifies how packets should be forwarded to reach the destination network If the destination network is reachable via LAN or PPTP tunnel a Gateway IP address must be specified If reachable via cell interfac...

Page 28: ... mode services Port Forwarding DMZ IP Filter MAC Filter Static Routes WLAN and Security services IPSEC GRE PPTP OpenVPN will not be available in this mode Select Disabled when you want normal working of 645M router All the router feature will be available in this mode Automatic subnet Select Enabled when you want the WAN subnet assigned by your ISP to be passed to device connected to Ethernet inte...

Page 29: ...onnectivity of 645M to configured DO server in IPP mode Remote HTTP Enabling this service will allow remote HTTP client to connect to 645M from WAN in IPP mode on configured port Remote HTTPS Enabling this service will allow remote HTTPS client to connect to 645M from WAN in IPP mode on configured port Remote SSH Enabling this service will allow remote SSH client to connect to 645M from WAN in IPP...

Page 30: ...The current IP address assigned to the modem by the VPN server Subnet mask Usually set to 255 255 255 255 but may be different depending on VPN P t P The PPTP P t P is the LAN address of your VPN server PPTP server Status The PPTP Server is either Enabled or Disabled based on user s selection on Security page Connected users Number of users currently connected to the PPTP Server IPsec tunnels Stat...

Page 31: ...ith the username required by the VPN server Encryption Selecting Use MPPE will enable Microsoft Point to Point Encryption for communication between the server and clients This option requires the MS CHAP or MS CHAPv2 protocol PTPP server configuration PPTP server Selecting Enable starts the VPN server and selecting Disable stops it Server local IP The IP address that clients will use to communicat...

Page 32: ...ord with associated username used by a client to log in to the server PPTP server user configuration table Displays list of user configured PPTP servers user credentials Edit Click Edit to edit the selected filter Delete Click Delete to delete a filter Figure 31 Security IPsec 3 4 3 IPSEC IPsec serves to configure secured communication tunnels The various tunnel configurations will be displayed in...

Page 33: ... IP Address More than one remote subnet can be specified each subnet must be separated by a comma and no spaces are allowed Example E One subnet 192 168 100 0 24 Many subnets 192 168 100 0 24 192 168 101 0 24 1 92 168 102 33 32 Local ID The IPSec server may require that your end of the tunnel identifies itself Configure this end if needed Local subnet Enter an IP address mask of the local LAN whos...

Page 34: ...ossible second IP network representing another remote user subnet Example E 192 168 15 0 24 3 4 4 GRE The GRE page is used to add and delete GRE Generic Route Encapsulation tunnels Current tunnels are listed below Up to two networks that lie beyond the tunnel may be specified and routes to those networks are automatically created when the tunnel is established Static local and remote IP addresses ...

Page 35: ...f the remote endpoint of the tunnel Remote server port Port configuration of the remote endpoint of the tunnel Persist key This option specifies whether to re read key files across SIGUSR1 or ping restarts Persist tunnel This option specifies whether to reopen TUN TAP device or run up down scripts across SIGUSR1 or ping restarts SIGUSR1 is a restart signal similar to SIGHUP but which offers finer ...

Page 36: ...sed on certificates Certificate format This option Specifies whether the certificate format is Pkcs 12 or standard If the selection made is Pkcs 12 then option to upload Pkcs file and option to enter passphrase come up Pkcs file It is a single file which is a combination of ca certificate client certificate and client key Passphrase Is used to decrypt the encrypted pkcs 12 file If the selection ma...

Page 37: ... CTS DSR Select how the DSR handshake line should be handled Always On On When Connected On When Available or Always Off DCD Select how the DCD handshake line should be handled Always On On When Connected or Always Off External PAD configuration The mode selection configures the service to listen on configured TCP or UDP port or connect to an external host as a TCP client Mode The TCP server and U...

Page 38: ... of the modem D1 D2 the state of the first two digital inputs 0 inac tive or 1 active A1 A2 the levels of the first two analog inputs in volts R1 R2 the state of the first two digital historically called relay outputs 0 ground or 1 open iostatus pw password Returns the following fields D1 through D7 the state of the seven digital inputs 0 inactive or 1 active A1 through A4 the levels of the four a...

Page 39: ... Sender 1 3 and then enter the address in the adjacent field If all three addresses are disabled then commands will be accepted from ALL senders Respond only to senders For security command responses including error messages can be restricted to be returned only to the registered Sender SMS addresses Replace country code This allows you to change the country that the responder uses which can be us...

Page 40: ...ed Log rotation count Number of archived files to keep Oldest file is abandoned when the rotation count is exceeded Log priority Define the depth of the information logged by the system logger facility for various 645M sub systems Options range from DEBUG most output to EMERGENCY least output Modem manager Log entries related to the cellular WAN connection GPS Log entries related to the GPS receiv...

Page 41: ...e current status log of the modem Log information is useful when contacting Eaton Technical Support to resolve operational problems The Download button provides a convenient way to save the log to the local PC 3 6 5 Kernel log The Kernel log page provides a way to capture the kernel log of the modem The Download button provides a convenient way to save the log to the local PC 3 645M web interface ...

Page 42: ...t in Volts Modem temperature Displays temperature of the Wireless Modem in Celsius Analog input status Analog input 1 4 Displays voltage of the specified analog input in Volts Digital input status Ignition and input 1 7 Displays the status of the specified input Active high state or Normal low state Digital output status Output 1 7 Displays if the specified output is open or ground 3 645M web inte...

Page 43: ...sed for accessing the read only Management Information Bases MIBs Read write community name The community string used for accessing all Management Information Bases MIBs including writable objects SNMP V3 User Name The user name for secure access to the Management Information Bases MIBs observing v3 standard Authentication Select the method for encoding the Authentication Password for accessing th...

Page 44: ...e events reporting Up to four destinations can be specified Server address IP address of server to which the trap events will be sent Server port The corresponding server port to which the trap events will be sent default 162 3 7 3 Settings Status Monitoring is provided via NMEA based protocol The ELPRO 645M I O subsystem operates according to a manager agent model The PC hosted manager sends requ...

Page 45: ...40 645M 4G LTE CELLULAR ROUTER MN032003EN March 2017 www eaton com Figure 42 I O settings settings 3 645M web interface ...

Page 46: ...arms and notifications can be sent to up to three SMS destination addresses Destination addresses are typically numeric digits only including the country code prefix The radio buttons above each destination address can be used to enable or disable each address entered in the adjacent field The report will consist of the Unit ID and colon if the Unit ID is not blank and the appropriate label from t...

Page 47: ...com Figure 43 I O settings labels 3 7 4 Labels Each diagnostic value can be user defined messages indicating its normal and abnormal conditions I O Labels can up to 64 characters long and can consist of letters digits space and the characters _ 3 645M web interface ...

Page 48: ...e Web Interface The password can be up to 32 characters long and can consist of any printable character except Note N Eaton strongly recommends that the default password be changed before the 645M is deployed on a public cellular network SSH access Listening port The SSH server s port number on the LAN side of the 645M The WAN side port number is changed in Admin Remote Admin Password authenticati...

Page 49: ... server Enable SSH Enable remote administration via Secure Shell Enable CLI Enable remote administration via CLI Enable SNMP Enable remote administration via the Simple Network Management Protocol Friendly IP address Specify what IP address is allowed to connect CIDR notation The default 0 0 0 0 0 allows all IP addresses to connect RADIUS authentication Enable or disable RADIUS authentication for ...

Page 50: ...emote Administration is enabled allowing remote access to the ELPRO 645M Web Interface and the Firmware Update page Image Enter the package file name or you may use the Choose File button to locate the file from your hard drive Import Image After selecting the package filename above press the Import Image button to begin the import process Note N Firmware Update the imported Firmware version has t...

Page 51: ... subnet Broadcast Address 192 168 1 255 reserved last IP address in subnet ELPRO 645M 192 168 1 50 24 PLC RTU 1 192 168 1 10 24 Computer 1 192 168 1 125 24 By changing the subnet mask the network can be made to include as many or as few IP addresses as desired Ethernet devices can only talk directly to other devices that have IP addresses within the same IP subnet For example Computer 1 from the e...

Page 52: ...llows the polling master to establish a data connection through the Internet The incoming polling message is forwarded by the 645M to the appropriate PLC or RTU on the 645M s local area network 4 5 DMZ Alternately DMZ can be enabled on the 645M router When DMZ is enabled all traffic destined to the 645M s cellular IP address that is received from the Internet is forwarded to the DMZ host The IP ad...

Page 53: ...l tunnels are created using the ESP Encapsulating Security Payload protocol Protocol interoperability means that an IPsec compliant device such as the 645M will be able to exchange keys and encrypted communications with another IPsec compliant product such as a CISCO router IPSEC compliance ensures that these two different products can negotiate and maintain a secure communication with each other ...

Page 54: ...l use the following values to define two IPsec tunnels Tunnel Label Tunnel1 Tunnel2 ELPRO 645M local subnet 10 192 10 192 29 LAN 10 192 10 192 29 LAN Firewall IP Address remote IP Address 68 28 128 192 68 28 128 192 VPN Server IP Address Remote ID 10 168 86 192 10 168 86 192 Remote Subnet 192 32 8 254 32 10 0 198 198 32 Phase1 Encryption 3DES MD5 Group2 3DES MD5 Group2 Phase 2 Encryption details 3...

Page 55: ...From the main navigation pane select Security and from the Security page select the IPsec tab Step 4 Select a name for the IPsec tunnel and enable it by checking the Enable box Step 5 IPsec tunnel configuration information for the tunnels Select a tunnel to configure by entering its name in the Name field Current values for that tunnel are displayed Changes do not take effect until you click Save ...

Page 56: ..._128 pfsgroup no pfs 117 ttunnel1 2 STATE_QUICK_I1 initiate 003 ttunnel1 2 ignoring informational payload type IPSEC_ RESPONDER_LIFETIME msgid 4328edc8 002 ttunnel1 2 Dead Peer Detection RFC 3706 enabled 002 ttunnel1 2 transition from state STATE_QUICK_I1 to state STATE_QUICK_I2 004 ttunnel1 2 STATE_QUICK_I2 sent QI2 IPsec SA established tunnel mode ESP 0x8e426351 0xaeeb3b44 xfrm 3DES_0 HMAC_MD5 N...

Page 57: ...ection Apply these parameter changes into the 645M LAN LAN Settings LAN Masquerade Disabled Figure 53 645M configured with a DMZ for VPN pass through Router DMZ Enabled Friendly IP Address 0 0 0 0 Destination IP Address CISCO Router VPN server LAN 1 IP Address Note N It is also possible to use port forwarding using configuration settings in the lower sections of this same tab instead of DMZ to con...

Page 58: ..._DATA One bit bus 9 GND GND 10 1BB_2_DATA One bit bus 11 GND GND 12 DIGITAL OUTPUT0 Open collector output 13 DIGITAL OUTPUT1 Open collector output 14 DIGITAL OUTPUT2 Open collector output 15 DIGITAL OUTPUT3 Open collector output 16 DIGITAL OUTPUT4 Open collector output 17 OUT_LED1 LED Driver 18 OUT_LED2 LED Driver 19 Analog input 1 Analog input HW ADC2 20 Analog input 2 Analog input HW ADC3 21 Ana...

Page 59: ...45M 4G LTE CELLULAR ROUTER MN032003EN March 2017 www eaton com 6 2 Input circuit for analog inputs 6 3 Simplified circuit for digital input 6 4 Simplified circuit for open collecter outputs 6 User I O port ...

Page 60: ...e Subscriber Identity kbps Kilobits per Second LAN Local Area Network LED Light Emitting Diode Mbps Megabits per Second MDN Mobile Directory Number ME Mobile Equipment MEI Mobile Equipment Identity MEID Mobile Equipment Identifier MHz Megahertz MSGPS Multi Satellite Global Positioning System NMEA National Marine Electronics Association NTP Network Time Protocol ODP Open Developers Platform OMA DM ...

Page 61: ...sed that a physical comparison be made to the modem and bracket before laying out and drilling mounting holes Table 11 Overall dimensions ELPRO 645M Dimension Inches Centimeters Height 1 90 4 83 Width 6 00 15 2 Depth 4 50 0 04 11 4 0 1 Depth Chassis only 4 28 10 9 Side tapped mounting hole location detail typical both sides 8 32 UNC 2B thread 0 30 in 0 76 cm depth 2 holes for mounting both sides 4...

Page 62: ...ELPRO 645M with DIN rail mount Dimension Inches Centimeters Height 2 20 5 92 Width 6 00 15 2 Depth 4 50 0 04 11 2 0 1 Depth Chassis only 4 28 10 9 Figure 56 ELPRO 645M with DIN rail mount overall dimensions DIN rail mount attaches to underside of unit as shown Appendix B Mechanical specifications ...

Page 63: ... housing except for the antenna must be installed in grounded conduit following acceptable wiring methods based on installation location and electrical code The USB and SIM connector is for temporary connection only during maintenance and setup of the device Do not use connect or disconnect unless area is known to be non hazardous Connection or disconnection in an explosive atmosphere could result...

Page 64: ...ers can be entered as well as alarming thresholds and being able to name the alarms Configuration Configuring this will allow you to SMS a message to the modem to turn on outputs or force an SMS status message of all its Inputs to be sent back to the sender You have the option to allow the modem to respond to any mobile number or you can configure up to three allowable senders Note Requires the co...

Page 65: ...el that has the specified label ipsecstop pw password tun label Stops the IPsec tunnel that has the specified label output pw password rn v Controls the relay outputs where r is r rly or relay n is 1 or 2 v is 0 o or open to open 1 c close or closed to close r and v can be in any case upper or lower Both relays can be set from one command e g output pw 12345678 r1 1 would turn the ON reset pw pass...

Page 66: ... of the document Table 13 Amendment register Issue No Date Details of Amendment 1 0 30 10 15 Draft Issue 1 1 2 4 16 Minor changes 1 2 15 9 16 Add 645 operation and I O connection diagrams 1 3 22 12 16 Added Extra I O 1 4 23 12 16 Amended wording for all modems Digital input Digital output I O Wiring Below are examples for wiring the I O connectors on the old Legacy 615M modems module connector Dig...

Page 67: ...eaton com BE SURE TO HAVE THE EQUIPMENT MODEL AND SERIAL NUMBER AND BILLING AND SHIPPING ADDRESSES ON HAND WHEN CALLING When returning a product mark the RMA clearly on the outside of the package Include a complete description of the problem and the name and telephone number of a contact person RETURN REQUESTS WILL NOT BE PROCESSED WITHOUT THIS INFORMATION For units in warranty customers are respo...

Page 68: ... Cleveland OH 44122 United States Eaton com 2017 Eaton All Rights Reserved Printed in USA Publication No MN032003EN CSSC 1608 3221 March 2017 Eaton is a registered trademark All trademarks are property of their respective owners ...