NetModule NetBox NB1310, User Manual

Page 1: ...ireless Routers NB2210 NB2600R NetModule AG Niederwangen Switzerland Copying this document or parts of it is prohibited User Manual NetBox Wireless Routers 26 Apr 2012 NB1310 NB2500 NB2600 Meriedweg 11 CH 3172 Niederwangen Switzerland info netmodule com http www netmodule com Tel 41 31 985 25 10 Fax 41 31 985 25 11 User Manual NetBox NB1310 ...

Page 2: ...User Manual NetBox Wireless Routers 26 Apr 2012 2 110 ...

Page 3: ...2 4 2 Pin Assignments 18 2 5 NB2600R 19 2 5 1 Operating Elements and Interfaces 19 2 5 2 Pin Assignments 21 3 Application Overview 22 3 1 Mobile Internet Access 22 3 2 Access to a Remote Network 22 3 3 Virtual Private Networks VPN 22 4 Installation 23 4 1 Environmental Conditions 23 4 2 Installation of the Router 23 4 2 1 Installation of the SIM Card s 23 4 2 2 Installation of the UMTS GSM Antenna...

Page 4: ... Parameters 102 6 Software Interfaces 103 6 1 GPS Server 103 6 1 1 Berlios GPS Server 103 6 1 2 NetModule GPS Server 103 6 2 Digital I O Server 105 6 2 1 Monitor the digital inputs and outputs 105 6 2 2 Set digital outputs 105 6 2 3 Get status of digital inputs and output 105 6 3 HTTP Service Interface 105 6 3 1 Command Set 105 6 3 2 Responses 107 6 3 3 Examples 108 7 Troubleshooting 109 7 1 Error...

Page 5: ...over voltage transient levels below 1500 Volts according to IEC 60950 1 TNV 1 circuit levels using safety ap proved components Use only with certified CSA or equivalent power supply which must have a limited and SELV circuit out put The NetBox Wireless Routers are designed for indoor use Do not expose the communication module to extreme ambient conditions Protect the communication module against d...

Page 6: ...his product meets the National Radio Interface and the requirements specified in the National cy Allocation Table for Italy Unless operating within the boundaries of the owner s property NetModule declares that under our own responsibility the products NetBox Wir less Routers comply with the relevant standards following the provisions of the Council Directive 1999 5 EC The signed Declarations of C...

Page 7: ...rom the center of Ny Ålesund 1 4 6 Russian Federation Frequency Range MHz Power EIRP Restrictions 2400 0 2483 5 100 mW 20 dBm Only for indoor applications 5150 5250 100 mW 20 dBm Permitted to use only for indoor applications closed industrial and warehouse areas and on board aircraft 5250 5350 100 mW 20 dBm 1 Permitted to use for local networks of aircraft crew service communications on board airc...

Page 8: ...conds during run time A solid light indicates a connected GSM or UMTS network The device is trying to register to a GSM or UMTS network Ethernet port A solid light indicates a connected Ethernet link A flashing light indicates Ethernet activity SIM socket for the SIM card The device is ready The device is not powered and or does not start up Voltage feed connector 9 21 VDC Polarity SMA female conn...

Page 9: ...ower feed through Ethernet Power can be carried over the spare pairs RJ45 pin 4 5 7 8 only It is simplified PoE not compliant with IEEE802 3af standard Power feed through data pairs RJ45 pins 1 2 3 6 is not allowed this can destroy the device Required parameters of PoE power injector Output voltage 18 21VDC Polarity on spare pairs RJ45 pin 4 5 7 8 can be either Output current min 600mA at 18VDC Re...

Page 10: ...red and or does not start up blinking fast Restart triggered by watchdog Front Signal Strength green on 1 LED on weak signal 2 LEDs on medium signal 3 LEDs on strong signal 4 LEDs on very strong signal off No or insufficient signal running Software update Front GSM green on Mobile connection is being established on Mobile connection is up off Mobile connection is down Front IN1 IN2 green on Input ...

Page 11: ...inputs Please consider the polarity Top OUT1 OUT2 Digital outputs 2 relay outputs Bottom ETH Ethernet port The default IP address is set to 192 168 1 1 Bottom COM RS232 Sub D 9 port The factory default is 115200 Baud 8 Data Bits no parity 1 Stop Bit Bottom SIM 1 SIM socket Right ANT GSM antenna connector Impedance 50 Ohm Connector SMA female Table 3 NB2210 Physical interfaces 2 2 2 Pin Assignments...

Page 12: ...o not connect 3 TxD Data 4 DTR Do not connect 5 GND GND 6 DSR Do not connect 7 RTS Do not connect 8 CTS Data 9 RI Data Table 4 Pin assignment COM port 26 Apr 2012 RS485 Do not connect Do not connect Data Do not connect Do not connect Do not connect Figure 3 Sub D 9pol plug female 12 110 D 9pol plug female ...

Page 13: ... start up on 1 LED on weak signal 2 LEDs on medium signal 3 LEDs on strong signal 4 LEDs on very strong signal off No or insufficient signal running Software update blinking slowly Mobile connection is being established on Mobile network connection is up off Mobile network connection is down blinking slowly Mobile connection is being established on WLAN connection is up off WLAN connection is down...

Page 14: ...e 50 Ohm Connector SMA female Back COM RJ45 port Sub D 9 on earlier models RS232 default or RS485 configurable Back Ethernet Ports 4 port Ethernet switch The default IP address is set to 192 168 1 1 Back Power Voltage feed connector 9 32 VDC Back Link Activity Ethernet Ports green on Physical link off No physical link flashing Data transmission Back Speed 10 100 Ethernet Ports green on Data rate 1...

Page 15: ... 1 TX 2 TX 3 RX 4 5 6 RX 7 8 Table 6 Pin assignment Ethernet 2 3 2 3 Serial Pin RS232 RS485 1 RTS Do not connect 2 DTR Do not connect 3 TXD Do not connect 4 GND GND 5 GND GND 6 RXD Do not connect 7 DSR RxD TxD 8 CTS RxD TxD Table 7 Pin assignment COM port Figure 5 RJ45 Figure 4 RJ45 ...

Page 16: ...ered Power is missing blinking slowly This indicates one of the following conditions 1 is starting up 2 loading a new configuration initiated by Web Manager The device is ready blinking fast Restart triggered by watchdog The device does not start up 1 LED on weak signal 2 LEDs on medium signal 3 LEDs on strong signal 4 LEDs on very strong signal No or insufficient signal Software update blinking s...

Page 17: ... connector Impedance 50 Ohm Connector SMA female GPS antenna connector Impedance 50 Ohm Connector SMA female Support for active and passive GPS antennas WLAN antenna connector Impedance 50 Ohm Connector SMA female RJ45 port RS232 default or RS485 configurable 4 port Ethernet switch The default IP address is set to 192 168 1 1 Voltage feed connector 12 24 V on Physical link off No physical link fla...

Page 18: ...ignment power plug 2 4 2 2 Ethernet Pin Signal 1 TX 2 TX 3 RX 4 5 6 RX 7 8 Table 9 Pin assignment Ethernet 2 4 2 3 Serial Pin RS232 RS485 1 RTS Do not connect 2 DTR Do not connect 3 TXD Do not connect 4 GND GND 5 GND GND 6 RXD Do not connect 7 DSR RxD TxD 8 CTS RxD TxD Table 10 Pin assignment COM port Figure 7 RJ45 Figure 6 RJ45 ...

Page 19: ...on weak signal 2 LEDs on medium signal 3 LEDs on strong signal 4 LEDs on very strong signal off No or insufficient signal running Software update Mobile UMTS GSM green blinking slowly Mobile connection is being established on Mobile network connection is up off Mobile network connection is down WLAN green blinking slowly Mobile connection is being established on WLAN connection is up off WLAN conn...

Page 20: ...with at least 6mm2 cupper area Avoid corrosion Protect the screws against loosening Power M12 power socket max current 1A Nominal voltages 24VDC 36VDC and 48VDC according to EN50155 Voltage range 20VDC to 50VDC 15 20 Galvanic isolation of the power supply isolation voltage 1500V Maximum power consumption 6W Digital I O Digital inputs and outputs socket UMTS GSM antenna socket Impedance 50 Ohm Conn...

Page 21: ...50V 2 Not connected 3 VGND 4 Not connected 2 5 2 2 Ethernet Pin Signal 1 Tx 2 Rx 3 Tx 4 Rx 2 5 2 3 Digital I 0 Pin Signal 1 In1 2 In1 3 In2 4 In2 5 Out1 Dry contact relay Normally open 6 7 Out2 Dry contact relay Normally closed 8 Image 1 M12 4 pole A coded Image 2 M12 4 pole D coded Image 3 M12 8 pole A coded ...

Page 22: ...e Universal Mobile Telecommunications System UMTS High Speed Packet Access HSPA includ ing HSDPA and HSUPA General Packet Radio Service GPRS Enhanced Data rates for GSM Evolution EDGE Circuit Switched Data CSD 3 2 Access to a Remote Network NetBox can be used to access a remote network Possible setups are Access via public IP address Access via NetBox initiated VPN Access via CSD Dial in 3 3 Virtu...

Page 23: ...ket 1 Make sure the SIM is suitable for data transmission 4 2 2 Installation of the UMTS GSM Antenna NetBox Wireless Routers will only operate reliably over the GSM network if there is a good signal For many applications the flexible stub antenna provided will be suitable but in some circumstances it may be necessary to use a remote antenna with an extended cable to allow the antenna itself to be ...

Page 24: ...guration steps usually include 1 defining the admin password 2 entering the PIN code for the SIM card 3 configuring the Access Point Name APN 4 start the mobile connection Step Description 1 Please connect the Ethernet interfaces of your computer and the NetBox 2 If not yet enabled please enable the Dynamic Host Configuration Protocol DHCP so that your computer can lease an IP address from NetBox ...

Page 25: ...sword Definition Please set a password for the admin user account Choose something that is both easy to remember and a strong password such as one that contains numbers letters and punctuation The password shall have a minimum length of 6 characters It shall contain a minimum of 2 numbers and 2 letters ...

Page 26: ...er Manual NetBox Wireless Routers 26 Apr 2012 26 110 5 1 2 Home This page gives you a system overview It helps you when initially setting up device but also functions as dashboard during normal operation ...

Page 27: ...over to the next link in the priority list You can configure each link to be either established when the switch occurs or permanently in order to mini mize link downtime Parameter Description 1st priority This link will be used if ever possible 2nd priority The first fallback technology You can hold it ready faster or establish it only when the fallback actually occurs 3rd priority The second fall...

Page 28: ...GSM UMTS in order to qualify the link as a fallback alternative WLAN The required signal strength for WLAN in order to qualify the link as a fallback alternative Signal strength LED shows Specify whether the Signal strength LEDs on the NB2500 NB2600 NB2600R front panel shall indicate the WLAN or mobile signal strength ...

Page 29: ...ed in bytes that a computer or communications device can handle in a single unfragmented piece For optimum communications the number of bytes in the data segment and the headers must not add up to more than the number of bytes in the maximum transmission unit MTU Parameter Description MSS adjustment The maximum segment size MSS for the mobile interface ...

Page 30: ...ed The facto ry defaults are as follows Combined mode LAN Ports Network NetBox IP Address Port 1 2 3 4 5 192 168 1 0 24 192 168 1 1 Mixed mode LAN WAN Ports Network NetBox IP Address Port 1 3 NB2500 Port 1 4 NB2600R 192 168 1 0 24 192 168 1 1 Port 4 NB2500 NB2600 Port 5 NB2600R 192 168 2 0 24 192 168 2 1 Separated mode LANs Ports Network NetBox IP Address Port 1 192 168 1 0 24 192 168 1 1 Port 2 1...

Page 31: ...User Manual NetBox Wireless Routers 26 Apr 2012 31 110 Port Settings For every Ethernet port the link negotiation can be set In most cases auto negotiation will work ...

Page 32: ...less Routers 26 Apr 2012 32 110 5 1 3 2 2 IP Settings Define the NetBox LAN Usually the first address within that LAN is assigned to the router Provide that IP address and net mask in dot decimal notation or use the defaults ...

Page 33: ...t the IP configuration will be retrieved from an exter nal DHCP server Status Enable or disable the PPPoE connection User name PPPoE user name Password PPPoE password Service name Specifies the service name set on the access concentrator Leave it blank unless you have many services and need to specify the one you need to connect to Access concentrator name This may be left blank and the client wil...

Page 34: ...User Manual NetBox Wireless Routers 26 Apr 2012 34 110 5 1 3 2 2 2 LAN 10 ...

Page 35: ...od waits for traffic coming from the LAN going to the WAN The permanent method keeps up the mobile interface In case of link loss the connection is reestablished Redial attempts Number of redialing attempts before switching to the next profile Dial on demand idle timeout Time in minutes after that an idle connection will be disconnected when working with dial on demand Operational connection statu...

Page 36: ...se Challenge Handshake Authentication Protocol CHAP or Password Au thentication Protocol PAP Call to ISDN Check this if the connection is made to an ISDN modem IP Header Compression Enable or disable Van Jacobson TCP IP Header Compression for PPP In or der to benefit of this features the mobile operator must support it Software Compression Enable or disable PPP data compression In order to benefit...

Page 37: ...tion is disabled It is not recommended to disable PIN protection since a SIM card thief could misuse an unprotected SIM Parameter Description PIN code The PIN code for the SIM card PIN protection Enable or disable PIN protection SMS center number Number of Short Message Service Centers SMSCs for sending Mobile Originat ing MO SMS messages Contact your mobile operator or search the Internet if you ...

Page 38: ...User Manual NetBox Wireless Routers 26 Apr 2012 38 110 Parameter Description Network selection Choose automatic or manual provider network selection For manual selection please specify the provider ...

Page 39: ...5 1 3 4 1 WLAN Administration WLAN is enabled or disabled on this page 5 1 3 4 2 WLAN Configuration The WLAN interface can be operated in client or access point mode In client mode it will be an additional WAN link in access point mode it will serve as WLAN access point ...

Page 40: ...User Manual NetBox Wireless Routers 26 Apr 2012 40 110 5 1 3 4 3 WLAN Network List ...

Page 41: ...property specifies the parity used with every frame that is transmitted or re ceived Stop bits This property specifies the number of stop bits used to indicate the end of a frame Software support In XON XOFF software flow control either end can send a stop XOFF or start XON character to the other end to control the rate of incoming data Hardware flow control In RTS CTS hardware flow control the co...

Page 42: ... Routers 26 Apr 2012 42 110 5 1 3 6 Digital I O The digital inputs and outputs can be monitored and controlled via the Web Manager or by software See section 6 2 Digital I O Server on how to control inputs and outputs by software ...

Page 43: ...in dotted dec imal or host network names Mask The network s IP address together with its address mask defines a range of IP addresses For IP subnets the address mask is referred to as the subnet mask For host routes the mask is all ones in dotted decimal 255 255 255 255 Gateway Next hop gateway the next router which knows how to reach the destina tion Interface Identity of network interface throug...

Page 44: ...reless Routers 26 Apr 2012 44 110 5 1 5 Firewall 5 1 5 1 Access Control 5 1 5 1 1 Access Control for Local Host The access from the WAN interface to NetBox itself and its local applications can be managed using this filter ...

Page 45: ...N and OpenVPN The access from the WAN interface to a defined Exposed Host can be managed using this filter The same can be done on the second tab for the OpenVPN interface Parameter Description Exposed host Enter the IP Address of the device that is to expose Leave this field blank to disa ble the feature ...

Page 46: ... LAN Having the Ethernet ports split into multiple LANs this filter manages the access from any LAN port to any VPN Tunnel Use the option specify permitted networks to permit access to certain networks Those networks might be any peer networks of a VPN tunnel or the WAN interface to get direct Internet access ...

Page 47: ...n external user to reach a port on a private IP address inside the LAN from the outside Internet Parameter Description NAPT status Enable or disable NAPT NAPT needs to be enabled normally i e when using Internet Access Internet Service Providers will not route your private LAN Addresses Service name User defined Name for the NAPT entry External port External IP port mobile interface Local host Che...

Page 48: ...ormally i e when using Internet Access Internet Service Providers will not route your private LAN Addresses Service name User defined Name for the NAPT entry External port External IP port mobile interface Local host Check this box to forward traffic to local host service Webserver SSH Telnet To forward traffic to an external host in the LAN provide the host address below Host address Host to whic...

Page 49: ...User Manual NetBox Wireless Routers 26 Apr 2012 49 110 5 1 5 3 Expert Mode Upload text files with firewall rules ...

Page 50: ... and client certificates Prepare the OpenVPN certificate files Use the tools and documentation that come with the OpenVPN software A Guide to basic RSA Key Management is found under http openvpn net easyrsa html For alternative authentication methods see http openvpn net index php documentation howto html auth For more information also see http openvpn net howto html Please make sure that the NetB...

Page 51: ...configuration Authentication method Use certificates or user name password First server address First OpenVPN server address First server port First OpenVPN server port default 1194 Second server address Second OpenVPN server address optional Second server port Second OpenVPN server port optional VPN device type tun or tap Compression Enable or disable OpenVPN compression ...

Page 52: ...onfiguration upload takes a zip file which may include one or more OpenVPN client configurations Typically such a zip file includes files such as client conf The client configuration file referring to ca crt OpenVPN root certificate file client crt OpenVPN client certificate file client key OpenVPN private key file The name of the configuration file here client conf can be chosen freely but the ex...

Page 53: ...uration files To configure multiple server processes i e multiple conf files each referring to its certificates you should place all files belonging to a single tunnel process into a subfolder or make sure that there are no naming conflicts If OpenVPN is enabled and the configuration mode is set to server expert configuration all configura tions conf will be started after NetBox startup Consider t...

Page 54: ...ns by authenti cating and or encrypting each IP packet in a data stream IPsec also includes protocols for cryptographic key establishment IPsec can be used to create Virtual Private Networks VPN and this is the dominant use 5 1 6 2 1 IPsec Administration Parameter Description IPsec administrative status Enable or disable IPsec 5 1 6 2 2 IPsec Configuration ...

Page 55: ...User Manual NetBox Wireless Routers 26 Apr 2012 55 110 ...

Page 56: ...ication and dynamic IP addresses aggressive mode is the only choice IKE encryption IKE encryption method IKE hash IKE hash method IKE Diffie Hellman Group IKE Diffie Hellman Group Perfect Forward Secrecy PFS Use Perfect Forward Secrecy This feature increases security as with PFS penetration of the key exchange protocol does not compromise keys negotiated earlier Local ID Local ID Remote ID Remote ...

Page 57: ...cause it is easy to configure and it was the first VPN protocol that was supported by Microsoft Dial up Networking Users that are allowed to connect to the PPTP server are defined under the section User Accounts Parameter Description PPTP state Enable disable PPTP server PPTP address range start Address range start for PPTP server PPTP address range size Address range size for PPTP server ...

Page 58: ... Description Dial in administrative status The Dial in server can be enabled or disabled Consequently the device will allow incoming calls or not Dial in operational status Shows whether a connection is active or not 5 1 6 4 2 Dial in Server Configuration Parameter Description Address range start Start address of the range for the dial in server Address range size Number of addresses that the dial...

Page 59: ...iption COM server status The COM server ModBus gateway can be enabled or disabled 5 1 7 1 2 COM Server Configuration Parameter Description Port The port that is used by this application Protocol on TCP IP Telnet or TCP raw for COM server applications Modbus TCP for ModBus gateway Protocol on COM port The protocol implicitly defined on the COM port ...

Page 60: ...the ping monitor application Parameter Description Host 1 Reference host 1 to which IP connectivity is checked by sending probes Host 2 Reference host 2 to which IP connectivity is checked by sending probes option al The test is considered successful if host 1 or 2 answers Source IP address Source IP address to be used as source of the ping probes Monitoring interval The time to wait before sendin...

Page 61: ... DHCP Server Administration Parameter Description DHCP server status The Dynamic Host Configuration Protocol DHCP server can be enabled or disa bled If it is enabled it will answer to DHCP requests of devices in the LAN 5 1 7 3 2 DHCP Server Configuration Parameter Description Address range start Address range start for DHCP server Address range size Address range size for DHCP server DNS server 1...

Page 62: ...4 DNS Proxy Server The DNS Proxy enabled NetBox forwards DNS requests to the DNS server provided by the mobile opera tor Devices within the NetBox LAN may be configured to use NetBox as DNS server Parameter Description DNS proxy server status Enabled or disabled ...

Page 63: ...disable the Dynamic DNS Client 5 1 7 5 2 Dynamic DNS Configuration Parameter Description Service type DynDNS Service according Dynamic Network Services Inc www dyndns com Please consult www dyndns com for more details Host name URL under which NetBox will be available e g myNetBox dyndns org Server address Server IP Address or URL normally members dyndns org Server port TCP Port of the Dynamic DNS...

Page 64: ...abled Disabling the e mail client means that no notification via e mail will be performed 5 1 7 8 E mail Client Configuration Parameter Description From e mail address Sender s e mail address Server address SMTP server address Server port Default port for SMTP is 25 Authentication required If enabled NetBox will logon to SMTP server before sending e mails User name User name Password Password ...

Page 65: ...IP PPP connection down PPP connection down PPP connection failure PPP failure to connect Error reported PPP_ERR See manual and logs to identify the problem VPN connection established VPN connection up tun0 tap0 interface address VPN_IP VPN connection down VPN connection down VPN connection failure VPN failure to connect See logs to identify the problem Dial in connection established Dial in connec...

Page 66: ... from DIO_SOURCE Digital Output 1 off Output change OUT1 is Off changed from DIO_SOURCE Digital Output 2 on Output change OUT2 is On changed from DIO_SOURCE Digital Output 2 off Output change OUT2 is Off changed from DIO_SOURCE The following event variables will be replaced within event texts as follows Event Variables Description PPP_IP The current IP address on the mobile interface ppp0 PPP_ERR ...

Page 67: ... or e mail event notifications It is possible to create groups and fill them with users and other groups This mechanism let you send event notifications to multiple destinations users 5 1 7 9 3 Event Processor Notifications can be generated or digital outputs can be set based on the occurrence of several events ...

Page 68: ...h a data package is separated into two lines The first line contains GPS data in the GPGGA format the second line contains GPRMC data For more information on the GPS data stream see chapter 6 1 Parameter Description GPS status Enable or disable GPS data stream GPS destination host name The host where the GPS data will be sent to GPS destination host name The IP port where the GPS data will be sent...

Page 69: ...n state up down current IP address of the mobile ppp interface current IP address of the VPN interface if enabled connect This will initiate a Dial out connection over GSM and the VPN connection if enabled and trigger sending an SMS with the following information current IP address of the PPP interface current IP address of the VPN interface if enabled The profile name is an optional parameter dis...

Page 70: ...4 1 31496 10 10 31 NB2500 1 3 6 1 4 1 31496 10 10 42 NB2500R 1 3 6 1 4 1 31496 10 10 43 NB2540 1 3 6 1 4 1 31496 10 10 40 NB2541 1 3 6 1 4 1 31496 10 10 41 NB2600 1 3 6 1 4 1 31496 10 10 44 NB2600R 1 3 6 1 4 1 31496 10 10 45 Up to now the Netbox extensions contain support for rebooting the device updating to a new system software via FTP TFTP HTTP updating to a new system configuration via FTP TFT...

Page 71: ...n01 192 168 1 1 1 3 6 1 4 1 31496 10 40 11 0 s http server directory REMARK configUpdate expects a zip file named serial number zip in the specified directory which contains at least a user config zip On NB2xxx TFTP HTTP and FTP are supported NB1600 also accepts HTTPS Specifying a username password or port is not yet supported get configuration update status snmpget v 3 u snmpadmin n l authNoPriv ...

Page 72: ... to Trap target port The port where the traps will be sent to Signal strength trap threshold dBm A trap will be sent if signal strength goes lower than this Signal strength trap reactivation threshold dBm No further traps will be sent as long as signal strength his not higher than this SNMP traps are generated in the following situations if the SNMP agent is enabled Startup of the NetBox Shutdown ...

Page 73: ...rriving UDP packets with a string in the payload If an UPD package is arriving the event Arriving UDP Message is fired see chapter 5 1 7 9 1 Events Use the Event Manager 5 1 7 9 Event Manager to forward the mes sage UDP payload to a SMS or E mail destination 5 1 7 17 Unstructured Supplementary Services Data USSD Unstructured Supplementary Services Data USSD is a GSM service that allows high speed ...

Page 74: ...User Manual NetBox Wireless Routers 26 Apr 2012 74 110 5 1 7 18 Web Server Parameter Description HTTP port Web server port for http connections HTTPS port Web server port for https connections ...

Page 75: ...ge where they have to authenticate against locally configured users or remotely over RADIUS Parameter Description Administrative Status Enable or disable the captive portal Authentication Mode Define whether user must accept by pressing a button or they have to au thenticate to a RADUIS server Walled Garden Address Requests to this address are not being checked ...

Page 76: ...the user accounts on the device The user admin is a built in power user that has permission to access both the Web Manager and the Di al in server Any other user defined user only has permission for dial in connections Parameter Description User name Define a user name Enter password Define a password Re enter password Confirm the password ...

Page 77: ...ate based authentication client crt certificate_mode OpenVPN client certificate file client key certificate_mode OpenVPN private key file templateProfiles updating provider database 5 1 8 3 1 Automatic File Configuration Parameter Description Status Enable disable automatic configuration update Time of day Every day at this time NetBox will do a check for updates Mode Update over mobile or Etherne...

Page 78: ...ial_mode ca crt certificate_mode client crt certificate_mode client key certificate_mode templateProfiles if available New configuration files The following files are accepted for upload cfg max size 100KB zip max size 100KB The zip file may include user config cfg ca crt credential_mode ca crt certificate_mode client crt certificate_mode client key certificate_mode templateProfiles For further in...

Page 79: ...ation will be lost This action can also be initiated by pressing and holding the Reset button for at least five seconds The factory reset will also set the IP address of the Ethernet interface to 192 168 1 1 You will be able to communicate again with the device using the default network parameters 5 1 8 4 Troubleshooting 5 1 8 4 1 Network Debugging ...

Page 80: ...be viewed a downloaded here Please provide these files when placing a support request 5 1 8 4 3 System Log Redirection Parameter Description IP address The host where the syslog messages will be forwarded to A tiny syslog server is included in TFTP32 which can be downloaded from our website ...

Page 81: ...User Manual NetBox Wireless Routers 26 Apr 2012 81 110 5 1 8 4 4 Restart ...

Page 82: ...User Manual NetBox Wireless Routers 26 Apr 2012 82 110 5 1 8 4 5 Tech Support ...

Page 83: ...ystems over packet switched variable latency data networks NetBox can synchronize its system time with a NTP server If enabled time synchronization is done after the mobile interface is up but before starting any VPN con nections Later on time synchronization is performed every 60 minutes Parameter Description NTP state Enable disable time synchronization NTP server Host name of NTP server NTP ser...

Page 84: ... loss of configuration and inac cessibility of the device 5 1 8 5 1 Automatic Software Update Parameter Description Status Enable disable automatic software update Time of day Every day at this time NetBox will do a check for updates Mode Update over mobile or Ethernet Interface Protocol Specify the protocol used to transfer the new software to NetBox You will need an appropriate server Server IP ...

Page 85: ... the new software to NetBox You will need an appropriate server Server IP address and path Provide a host name and a path to a server which hosts the new software For local updates TFTP this value is limited to 26 characters Last software update The result of the last try will be displayed here Step by Step Step Description 1 Connect your PC with NetBox using a network cable 2 If the IP address ha...

Page 86: ...of the TFTP server 192 168 1 2 as follows 6 Press Apply and confirm by pressing OK Wait until the update is complete See the progress bar Do not unplug the power connector during the update 7 Check the results of the update Refreshing the page or even reopening the browser win dows may avoid cache problem In case of success Software update successful will be displayed otherwise an error message 5 ...

Page 87: ... Overview The Command Line Interface mainly provides functions to read and write values of the NetBox configura tion parameters In addition the CLI provides functions to query status information Command Return Description cli get string Read values of one or more specified configuration parameters cli set void Write values of one or more specified configuration parameters cli network string Show a...

Page 88: ...ueried parameter Note cli get invalidKey returns no error message cli set cli set is used to assign values to configuration parameters Arguments include all configuration keys as described in chapter 3 2 Usage set key1 value1 key2 value2 Example cli set user admin password admin02 cli set produces no return value and no error message To check if the modifica tion took place use cli get Note cli se...

Page 89: ... The following commands are identical cli select automatic and cli select automatic sim1 Note The following commands have the same effect cli select automatic sim1 and cli set networkselection mode automatic cli select automatic sim2 and cli set networkselection sim2 mode automatic cli select manual cli select manual selects the network provider defined by the supplied Local Ar ea Identity LAI for...

Page 90: ... of the NAPT service on the vpn if cli status overview networks openvpn_state show the state of the OpenVPN connection cli status overview networks ipsec_state show the state of the IPsec connection cli status overview networks pptp_state show the state of the PPTP server cli status overview services show the status of all services cli status overview services dyndns_state show the state of the Dy...

Page 91: ...parameter consists of two main parts its name latter called key and its value The user configuration file contains all parameters Download this file user config cfg using the Web Manager to get all parameters listed NetModule has defined some types of parameters that are often used The table below shows the de fined parameter types In addition other types of parameters may exist Parameter Type All...

Page 92: ...vider de fined by the supplied Local Area Identity LAI dialout connectionMethod 0 0 2 0 manual only 1 dial on demand 2 permanent dialout connSetup redialAttempt 2 1 4294967296 Redial attempts dialout connSetup idleTimeout 1 1 35791394 Idle timeout in minutes in case of dial on demand dialout profiles 0 name void username Profile name dialout profiles 0 username void username Username dialout profi...

Page 93: ...profile dialout profiles 1 ISDN void 0 1 0 normal call 1 is ISDN call dialout profiles 1 switchCondition never never elpas8h elaps16h elaps24h redialAttemptsReach ed Condition for profile switch network MSS status 0 0 1 0 disabled 1 enabled network MSS adjustment 1400 100 1500 Maximum Segment Size 5 2 4 3 Digital I O Parameter Default Value Range Description digitalIO receiving tcpPort 2158 1 6553...

Page 94: ...pt_mobile j status 1 0 1 0 disabled 1 enabled napt_mobile j isRedirect 0 0 1 0 redirect to other host 1 redirect to localhost 5 2 6 2 NAPT on OpenVPN Interface Parameter Default Value Range Description napt_openvpn status with j 0 49 1 0 1 0 NAPT off 1 NAPT on napt_openvpn j extPort void 1 65535 External port range start napt_openvpn j intPort void 1 65535 External port range end napt_openvpn j in...

Page 95: ...ll firewall_exposed_host_mobile host void hostname The exposed host firewall_exposed_host_mobile j target with j 0 19 void hostname Source host net firewall_exposed_host_mobile j mask void netmask 5 2 6 5 Access Control List for Exposed Host on OpenVPN Interface Parameter De fault Value Range Description firewall_exposed_host_openvpn policy 1 0 1 2 0 deny all 1 permit entries 0 permit all firewall...

Page 96: ...Status 1 0 1 0 disabled 1 enabled vpn configuration username void username For credential based authentication vpn configuration password void password For credential based authentication 5 2 7 2 IPsec Parameters Parameter Default Value Range Description ipsec status 0 0 1 0 disabled 1 enabled ipsec remote serverIp void ipaddress ipsec remote lanAddress void Ipaddress ipsec remote lanMask 255 255 ...

Page 97: ...address Address range start network PPTP AddressRangeSize 5 2 254 Address range size 5 2 7 4 Dial in Server Parameter Default Value Range Description dialin status 0 0 1 0 Dial in disabled 1 Dial in enabled dialin configuration addressRangeStart 192 168 254 1 ipaddress Address range start dialin configuration addressRangeSize 254 2 254 Address range size dialin disableNapt 0 0 1 0 off 1 Disable NA...

Page 98: ...srv opt xonxoff void 0 1 0 disabled 1 enabled serial_srv opt rtscts void 0 1 0 disabled 1 enabled serial_srv opt phys_proto RS232 RS232 RS485 5 2 8 2 DNS Proxy Server Parameter Default Value Range Description network DNS status 1 0 1 0 DNS Proxy off 1 DNS Proxy on 5 2 8 3 DHCP Server Parameter Default Value Range Description network DHCP status 1 0 1 0 DHCP server off 1 DHCP server on network DHCP...

Page 99: ...tatus 0 0 1 0 disabled 1 enabled sms sending gateway void phone number SMSC number sms sending sim2 gateway void phone number SMSC number 5 2 8 6 E Mail Parameters Parameter Default Value Range Description email sending status 0 0 1 0 disabled 1 enabled email sending smtp host void hostname email sending smtp port void 1 65535 email sending smtp from void email From E mail Address email sending sm...

Page 100: ...rd Event Message events digitalInput1_Off message void password Event Message events digitalInput2_Off message void password Event Message events digitalOutput1_On message void password Event Message events digitalOutput2_On message void password Event Message events digitalOutput1_Off message void password Event Message events digitalOutput2_Off message void password Event Message events udpMessa...

Page 101: ...alue Range Description sshServer port 22 1 65535 5 2 8 11 Telnet Server Parameter Default Value Range Description telnetServer port 23 1 65535 5 2 8 12 Web Server Parameter Default Value Range Description webServer http port 80 1 65535 webServer https port 443 1 65535 5 2 8 13 UDP Message Receiver Parameter Default Value Range Description udpMessage receiving udpPort 2157 1 65535 5 2 8 14 Keep Ali...

Page 102: ...us 1 0 1 0 disabled 1 enabled 5 2 9 3 Time Synchronization Parameter Default Value Range Description network NTP status 1 0 1 0 disabled 1 enabled network NTP server swisstime ethz ch hostname NTP server network NTP server2 void hostname Backup NTP server network timezone UTC 2 UTC 12 UTC 12 Time zone 5 2 9 4 Software Update Parameter Default Value Range Description swu_man url ipaddress swu_auto ...

Page 103: ...ple Data GPGGA 154250 4749 8678 N 00871 8469 E 1 06 0 0 498 M 0 0 M 6A CR LF No Name Data Description 1 Sentence Identifier GPGGA Global Positioning System Fix Data 2 Time time UTC of position fix 3 Latitude latitude N S Latitude of fix 4 Longitude longitude E W Longitude of fix 5 Fix Quality quality 0 Invalid 1 GPS fix 6 estimated 6 Number of Satellites satellites Number of satellites in view 7 H...

Page 104: ...W Longitude of fix 8 Speed speed Speed over ground in knots 9 Course course Track made good in degrees True 10 Date date UT date 11 Magnetic variation 0 0 E Not available Value 0 0 E 12 Mode mode A autonomic valid E estimated N not valid 13 Checksum CS Used by program to check for transmis sion errors 14 White spaces CR LF Carriage return and line feed 6 1 2 3 PNMID NetModule Proprietary Sentence ...

Page 105: ...turn output 2 off 00000011 Turn output 1 on turn output 2 on 6 2 3 Get status of digital inputs and output To get the states of the digital I O send the following pattern as ASCII characters Pattern Description 00010000 Request a message with all states 6 3 HTTP Service Interface The HTTP Service Interface is designed to administrate the NetBox with a self written http client It is available from ...

Page 106: ...akes the same parameters as the CLI GET cli php set parameters Takes the same parameters as the CLI GET cli php sw update path value Starts a local software update from a TFTP server GET cli php reboot Restarts the NetBox GET login php usr user pwd password Login to the HTTP Service Interface with supplied cre dentials GET logout php Logout from the HTTP Service Interface GET download php file fil...

Page 107: ... version with cli php status to verifiy whether it was successful or nor not 0 maximum length of path is 26 characters 0 syntax error Wrong syntax after in sw update param eters GET cli php reboot 1 reboot initiated A restart has been initiated GET login php usr user pwd pa ssword 1 already logged in 1 already logged in but supplied credentials do not match Already logged in but supplied creden ti...

Page 108: ...config zip Content Type appli cation x zip compressed Media A zip archive containing one or more of the following files can be uploaded To run OpenVPN in certificate based mode all certificate files are required user config cfg the main con figuration file ca crt certificate_mode OpenVPN root certificate file client crt certificate_mode OpenVPN client certificate file client key certificate_mode O...

Page 109: ...ing SIM missing Insert a SIM card PIN code required Insert the PIN code on the SIM page Connection failed See the Debug Log under Check APN phone number username password 7 2 System Log and Log Files Find more information about troubleshooting tools on page 79 The Web Manager provides varions de bugging tools under SYSTEM Troubleshooting 7 3 Network Protocol Analyzer Via the Linux Shell bash the p...

Page 110: ...nical online support under http www netmodule com support The Website also provides a download area where you can download the newest software and documen tation For support requests please use the support form http www netmodule com support supportform aspx 8 2 Feedback Please send comments about NetBox to netbox support netmodule com ...