Operating Manual VIP4G VIP4G LTE Ethernet Bridge/Serial Gateway Document: VIP4G Operating Manual.v1.1.pdf August 2012 150 Country Hills Landing NW Calgary, Alberta Canada T3K 5P3 Phone: (403) 248-0028 Fax: (403) 248-2762 www.microhardcorp.
Important User Information Warranty Microhard Systems Inc. warrants that each product will be free of defects in material and workmanship for a period of one (1) year for its products. The warranty commences on the date the product is shipped by Microhard Systems Inc. Microhard Systems Inc.’s sole liability and responsibility under this warranty is to repair or replace any product which is returned to it by the Buyer and which Microhard Systems Inc. determines does not conform to the warranty.
Important User Information (continued) About This Manual It is assumed that users of the products described herein have either system integration or design experience, as well as an understanding of the fundamentals of radio communications.
Important User Information (continued) Regulatory Requirements WARNING To satisfy FCC RF exposure requirements for mobile transmitting devices, a separation distance of 23cm or greater for the VIP2400 utilizing a 3dBi antenna, or 3.5m or greater for the VIP5800 utilizing a 34dBi antenna, should be maintained between the antenna of this device and persons during device operation. To ensure compliance, operations at closer than this distance is not recommended.
CSA Class 1 Division 2 Option CSA Class 1 Division 2 is Available Only on Specifically Marked Units If marked this for Class 1 Division 2 – then this product is available for use in Class 1, Division 2, in the indicated Groups on the product. In such a case the following must be met: The transceiver is not acceptable as a stand-alone unit for use in hazardous locations. The transceiver must be mounted within a separate enclosure, which is suitable for the intended application.
Revision History Revision Description Initials Date 1.0 Initial Release PEH June 2012 1.1 Updated Screen shots, Firewall settings, added VPN settings PEH August 2012 © Microhard Systems Inc.
Table of Contents 1.0 Overview ......................................................................................................... 10 1.1 Performance Features ....................................................................................................... 10 1.2 Specifications ..................................................................................................................... 11 2.0 QUICK START ...................................................................................
Table of Contents 4.3 4.4 4.4 4.5 4.2.3 DHCP ....................................................................................................................... 43 LAN DHCP ............................................................................................................... 43 Static IP Addresses (For DHCP) .............................................................................. 44 Active DHCP Leases ...................................................................................
Table of Contents 4.6 Firewall ............................................................................................................................. 80 4.6.1 Status ....................................................................................................................... 80 4.6.2 General ..................................................................................................................... 81 4.6.3 Rules .....................................................................
1.0 Overview The VIP4G is a high-performance 4G LTE Cellular Ethernet & Serial Gateway with 802.11 a/ b/g/n WiFi capability, 4 Gigabit Ethernet Ports, 4x Digital I/O, and a fully complimented RS232/485/422 serial port. The VIP4G utilizes the cellular infrastructure to provide network access to wired and wireless devices anywhere cellular coverage is supported by a cellular carrier.
1.0 Overview 1.2 Specifications For detailed specifications, please see the specification sheets available on the Microhard website @ http:///www.microhardcorp.com for your specific model. Electrical/General Cellular: Supported Bands: 4G LTE AWS 700 MHz (with MIMO) Global Fallback to: HSPA+/UMTS 850/AWS/1900/2100 MHz GPRS 850/900/1800/1900 MHz Data Features: 4G LTE Up to 100 Mbps downlink Up to 50 Mbps uplink SIM Card: 1.8 / 3.0 V WiFi: Frequency: 2.4 GHz / 5.
1.0 Overview 1.2 Specifications (Continued) Environmental Operation Temperature: -40oF(-40oC) to 185oF(85oC) Humidity: 5% to 95% non-condensing Mechanical Dimensions: 5.65” (145mm) X 3.72” (95mm) X 1.20” (30mm) Weight: Approx.
2.0 Quick Start This QUICK START guide will walk you through the setup and process required to access the WebUI configuration window and to establish a basic wireless connection to your carrier. Note that the units arrive from the factory with the Local Network setting configured as ‘Static’ (IP Address 192.168.168.1, Subnet Mask 255.255.255.0, and Gateway 192.168.168.1), in DHCP server mode. (This is for the LAN Ethernet Adapter on the back of the VIP4G unit. 2.
2.0 Quick Start Connect A PC configured for DHCP directly to one of the LAN ETHERNET ports of the VIP4G, using an Ethernet Cable. If the PC is configured for DHCP it will acquire a IP Address from the VIP4G. Open a Browser Window and enter the IP address 192.168.168.1 into the address bar. The factory default network settings: 192.168.168.1 IP: 192.168.168.1 Subnet: 255.255.255.0 Gateway: 192.168.168.1 The IPn3G will then ask for a Username and Password.
2.0 Quick Start © Microhard Systems Inc. Once successfully logged in, the System Summary page will be displayed. As seen above under Carrier Status, the SIM card is installed, but an APN has not been specified. Click on the Carrier > Carrier TAB and enter the APN supplied by your carrier in the APN field. Some carriers may also require a Username and Password. Once the APN and any other required information is entered to connect to your carrier, click on “Submit”.
2.0 Quick Start © Microhard Systems Inc. On the Carrier > Status Tab, verify that a WAN IP Address has been assigned by your carrier. The Activity Status should also show “Connected”. Congratulations! Your VIP4G is successfully connected to your Cellular Carrier. The next section gives a overview on enabling and setting up the WiFi Wireless features of the modem giving 802.11 devices network access.
2.0 Quick Start 2.3 Getting Started with WiFi This Quick Start section walks users through setting up a basic WiFi AP (Access Point). For additional settings and configuration considerations, refer to the appropriate sections in the manual. This walkthrough assumes all setting are in the factory default state. 4G LTE 802.11g/n Cell Tower 2.3.1 Setting up WiFi Use Section 2.2 Getting Started with Cellular to connect, power up and log in and configure the Carrier in a VIP4G.
2.0 Quick Start 2.3.2 Connecting to WiFi © Microhard Systems Inc. Now that the VIP4G has connection to the Cellular Carrier (See Section 2.2) and the WiFI has been set up (See Section 2.3), WiFi devices should be able to detect and connect to the VIP4G. On a WiFi enabled PC/Device, the SSID of MyNetwork, that was created in the last example should be visible. Connect to that SSID and enter the password. Once connected the status should change to connected, and network access should be enabled.
2.0 Quick Start © Microhard Systems Inc. The status of the WiFi connection should also be visible in the Wireless > Status tab in the WebUI as seen below.
3.0 Hardware Features 3.1 VIP4G The VIP4G is a fully-enclosed unit ready to be interfaced to external devices. Image 3-1: Front View of VIP4G Image 3-2: Rear View of VIP4G Any VIP4G may be configured as an Access Point (Router or Bridge), Station/Client, Repeater or Mesh Node. This versatility is very convenient from a ’sparing’ perspective, as well for convenience in becoming very familiar and proficient with using the device: if you are familiar with one unit, you will be familiar with all units.
3.0 Hardware Features 3.1.1 Mechanical Drawings Drawing 3-1: VIP Top View Dimensions Drawing 3-2: VIP Front View Dimensions Drawing 3-3: VIP Rear View Dimensions Note: All dimension units: Millimeter & Inches (mm/inches) © Microhard Systems Inc.
3.0 Hardware Features 3.1.2 Connections 3.1.2.1 Front On the front of the VIP4G Series are, from left to right: Drawing 3-4: VIP4G Front View Caution: Using a power supply that does not provide proper voltage may damage the VIP4G unit. © Microhard Systems Inc. WAN port 10/100/1000 Ethernet RJ45 Connection. LAN port 3x - 10/100/1000 Ethernet RJ45 Connection.
3.0 Hardware Features 3.1.2.2 Rear Drawing 3-5: VIP4G Rear View CFG Button Holding this button for 8 seconds while the VIP4G is powered up and running, will cause the unit to reset and load factory default settings: IP: 192.168.168.1 Subnet: 255.255.255.0 Gateway: 192.168.1.1 With these settings a web browser can be used to configure the unit. Holding this button depressed while powering-up the VIP4G will boot the unit into FLASH FILE SYSTEM RECOVERY mode.
3.0 Hardware Features Serial Port (Continued) See Appendix A for a full description of the COM1 RS-232 interface functions. Pin Name No.
3.0 Hardware Features 3.1.3 Indicators Drawing 3-6: VIP4G Indicators CPU (Blue) ON indicates the CPU is running. POWER (Red) Illuminates when power is correctly applied to the unit. RSSI (3 LEDs) Indicate the received signal strength of the signal to the Cellular carrier. The number of LED’s illuminated indicate the strength of the signal, with all 3 being illuminated representing a strong signal. RF-ACT The RF Activity LED illuminates when there is activity on the WiFi wireless interface.
4.0 Configuration 4.0 Web User Interface Image 6-1: WebUI Initial configuration of an VIP4G using the Web User (Browser) Interface (Web UI) method involves the following steps: configure a static IP Address on your PC to 192.168.168.10 (or any address on the 192.168.168.X subnet other than the default IP of 192.168.168.
4.0 Configuration 4.0.1 Logon Window Upon successfully accessing the VIP4G using a Web Browser, the Logon window will appear. For security, do not allow the web browser to remember the User Name or Password. Image 4-2: Logon Window The factory default User Name is: admin The default password is: admin Note that the password is case sensitive. It may be changed (discussed further along in this section), but once changed, if forgotten, may not be recovered.
4.0 Configuration 4.1 System The main category tabs located at the top of the navigation bar separate the configuration of the VIP4G into different groups based on function. The System Tab contains the following sub menu’s: Summary - Settings - Access Control Services Maintenance - Reboot Logout - Status summary of entire radio including network settings, version information, and radio connection status.
4.0 Configuration 4.1.2 System > Settings System Settings Options available in the System Settings menu allow for the configuration of the Host Name. Image 4-5: System Settings > System Settings Host Name The Host Name must not be confused with the Network Name (SSID) (Wireless Configuration menu). The Network Name MUST be exactly the same on each wireless device within a VIP4G network. © Microhard Systems Inc. The Host Name is a convenient identifier for a specific VIP4G unit.
4.0 Configuration Time Settings The VIP4G can be set to use a local time source, thus keeping time on its own, or it can be configured to synchronize the date and time via a NTP Server. The options and menus available will change depending on the current setting of the Date and Time Setting Mode, as seen below. Network Time Protocol (NTP) can be used to synchronize the time and date or computer systems with a centralized, referenced server.
4.0 Configuration Timezone If connecting to a NTP time server, specify the timezone from the dropdown list. Values (selection) User Defined (or out of date) POSIX TZ String This displays the POSIX TZ String used by the unit as determined by the timezone setting. Values (read only) (varies) NTP Server Enter the IP Address or domain name of the desired NTP time server. Values (address) pool.ntp.org NTP Port Enter the IP Address or domain name of the desired NTP time server.
4.0 Configuration 4.1.3 System > Access Control Password Change The Password Change menu allows the password of the user ‘admin’ to be changed. The ‘admin’ username cannot be deleted, but additional users can be defined and deleted as required as seen in the Users menu below. Image 4-8: Access Control > Password Change New Password Enter a new password for the ‘admin’ user. It must be at least 5 characters in length. The default password for ‘admin’ is ‘admin’.
4.0 Configuration 4.1.3 System > Access Control Users Different users can be set up with customized access to the WebUI. Each menu or tab of the WebUI can be disabled on a per user basis as seen below. Image 4-9: Access Control > Users Username Enter the desired username. Minimum or 5 character and maximum of 32 character. Changes will not take effect until the system has been restarted.
4.0 Configuration 4.1.4 System > Services Available Services Certain services in the VIP4G can be disabled or enabled for either security considerations or resource/power considerations. The Enable/Disable options are applied after a reboot and will take affect after each start up. The Start/Restart/Stop functions only apply to the current session and will not be retained after a power cycle. Image 4-10: System > Services RSSI LED The VIP4G has the ability to turn off the RSSI LED’s.
4.0 Configuration 4.1.5 System > Maintenance Version Information Detailed version information can be found on this display. The Product Name, Firmware Version, Hardware Type, Build Version, Build Date and Build Time can all be seen here, and may be requested from Microhard Systems to provide technical support. Image 4-11: Maintenance > Version Information / Firmware Upgrade Firmware Upgrade Occasional firmware updates may be releases by Microhard Systems which include fixes and new features.
4.0 Configuration 4.1.5 System > Maintenance Reset to Default The VIP4G may be set back to factory defaults by using the Reset to Default option under System > Maintenance > Reset to Default. *Caution* - All settings will be lost!!! Image 4-12: Maintenance > Reset to Default / Backup & Restore Configuration Backup & Restore Configuration The configuration of the VIP4G can be backed up to a file at any time using the Backup Configuration feature.
4.0 Configuration 4.1.6 System > Reboot The VIP can be remotely rebooted using the System > Reboot menu. As seen below a button ‘OK, reboot now’ is provided. Once pressed, the unit immediately reboots and starts its boot up procedure. Image 4-13: System > Reboot © Microhard Systems Inc.
4.0 Configuration 4.1.7 System > Logout The logout function allows a user to end the current configuration session and prompt for a login screen. Image 4-14: System > logout © Microhard Systems Inc.
4.0 Configuration 4.2 Network 4.2.1 Network > Status The Network Status display gives a overview of the currently configured network interfaces including the Connection Type (Static/DHCP), IP Address, Net Mask, Default Gateway, DNS, and IPv4 Routing Table. Image 4-15: Network > Network Status © Microhard Systems Inc.
4.0 Configuration 4.2.2 Network > Networks Network Configuration The Networks menu is where the local Ethernet interfaces can be configured. Image 4-16: Network > Network Configuration © Microhard Systems Inc.
4.0 Configuration LAN Configuration The LAN submenu, along with the Wireless Configuration settings, are the minimum required when implementing any VIP4G network. It must be defined if the unit is to be either: DHCP: Dynamic Host Configuration Protocol may be used by networked devices (Clients) to obtain unique network addresses from a DHCP server. assigned an IP address (by a DHCP server), or given a static (unchanging) IP address.
4.0 Configuration Default Gateway A GATEWAY is a point within a network that acts as an entrance to another network. In typical networks, a router acts as a gateway. If the VIP4G is integrated into a network which has a defined gateway, then, as with other hosts on the network, this gateway’s IP address will be entered into this field.
4.0 Configuration 4.2.3 Network > DHCP DHCP Configuration > LAN DHCP DHCP: Dynamic Host Configuration Protocol may be used by networked devices (Clients) to obtain unique network addresses from a DHCP server. A VIP4G may be configured to provide dynamic host control protocol (DHCP) service to all attached (either wired or wireless (WiFi)-connected) devices.
4.0 Configuration Lease Time The DHCP lease time is the amount of time before a new request for a network address must be made to the DHCP Server. Values (minutes) (minutes) DHCP Configuration > Static IP Addresses (for DHCP) In some applications it is important that specific devices always have a predetermined IP address. This section allows for MAC Address binding to a IP Address, so that whenever the device that has the specified MAC address, will always get the selected IP address.
4.0 Configuration 4.2.4 Network > VLAN Network VLAN Configuration VLAN: Virtual LAN, used to separate networks logically, while utilizing a common infrastructure. This is useful to filter out any unwanted, or unneeded traffic , resulting in a more efficient use bandwidth, and enhanced security. The VIP4G has support to participate in VLAN networking, enabling the virtual separation of networks. The VIP4G allows the tagging, un-tagging and filtering of Ethernet frames on the LAN & Wireless Ports.
4.0 Configuration Management VLAN Specify which VLAN is used as the management VLAN. By default only vlan1 is listed until additional VLANs are created in the VLAN Configuration section below. Values (selection) vlan1 VLAN1 Configuration VLAN1 is the native VLAN for VIP4G. By default, all traffic will be added to VLAN1 unless specified otherwise by adding additional VLAN(s) for the LAN/Wireless Interfaces.
4.0 Configuration 4.2.5 Network > Routes Static Route Configuration It may be desirable to have devices on different subnets to be able to talk to one another. This can be accomplished with either a static route being defined, or in the case of being able to automatically share routing information using RIPv2, dynamic routing can be configured. Image 4-21: Network > Routes Name Routes can be names for easy reference, or to describe the route being added.
4.0 Configuration Gateway Specify the Gateway used to reach the network specified above. Values (IP Address) 192.168.168.1 Netmask Enter the Netmask for the destination network. Values (IP Address) 255.255.255.0 Metric In some cases there may be multiple routes to reach a destination. The Metric can be set to give certain routes priority, the lower the metric is, the better the route. The more hops it takes to get to a destination, the higher the metric. Values (Integer) 255.255.255.
4.0 Configuration 4.2.5 Network > GRE GRE Configuration The VIP4G supports GRE (Generic Routing Encapsulation) Tunneling which can encapsulate a wide variety of network layer protocols not supported by traditional VPN. This allows IP packets to travel from one side of a GRE tunnel to the other without being parsed or treated like IP packets. Image 4-22: Network > GRE Image 4-23: Network > GRE Name Each GRE tunnel must have a unique name. Up to 10 GRE tunnels are supported by the IPn3G.
4.0 Configuration GRE Tunnel Local Status Enable / Disable the GRE Tunnel. Values (selection) Disable / Enable Multicast Enable / Disable Multicast support over the GRE tunnel. Values (selection) Disable / Enable ARP Enable / Disable ARP (Address Resolution Protocol) support over the GRE tunnel. Values (selection) Disable / Enable TTL Set the TTL (Time-to-live) value for packets traveling through the GRE tunnel. Values (value) 1 - 255 Local Subnet Gateway This is the IP Address of the local network.
4.0 Configuration 4.2.7 Network > SNMP The VIP4G may be configured to operate as a Simple Network Management Protocol (SNMP) agent. Network management is most important in larger networks, so as to be able to manage resources and measure performance. SNMP may be used in several ways: SNMP: Simple Network Management Protocol provides a method of managing network devices from a single PC running network management software. Managed networked devices are referred to as SNMP agents.
4.0 Configuration SNMP Settings Image 4-24: Network > SNMP SNMP Operation Mode If disabled, an SNMP service is not provided from the device. Enabled, the device - now an SNMP agent - can support SNMPv1, v2, & v3. Values (selection) Disable / V1&V2c&V3 Read Only Community Name Effectively a plain-text password mechanism used to weakly authenticate SNMP queries. Being part of the community allows the SNMP agent to process SNMPv1 and SNMPv2c requests. This community name has only READ priority.
4.0 Configuration V3 User Read Write Limit Defines accessibility of SNMPv3; If Read Only is selected, the SNMPv3 user may only read information; if Read Write is selected, the SNMPv3 user may read and write (set) variables. Values (selection) Read Only / Read Write V3 User Authentication Level Defines SNMPv3 user’s authentication level: NoAuthNoPriv: No authentication, no encryption. AuthNoPriv: Authentication, no encryption. AuthPriv: Authentication, encryption.
4.0 Configuration 4.2.8 Network > sdpServer sdpServer Settings Microhard Radio employ a discovery service that can be used to detect other Microhard Radio’s on a network. This can be done using a stand alone utility from Microhard System’s called ‘IP Discovery’ or from the Tools > Discovery menu. The discovery service will report the MAC Address, IP Address, Description, Product Name, Firmware Version, Operating Mode, and the SSID.
4.0 Configuration 4.3 Carrier 4.3.1 Carrier > Status The Carrier Status window provides complete overview information related to the Cellular Carrier portion of the VIP4G. A variety of information can be found here, such as Activity Status, Network (Name of Wireless Carrier connected) , Data Service Type(2G/3G etc), Frequency band, Phone Number etc. Image 4-26: Carrier > Status Not all statistics parameters displayed are applicable.
4.0 Configuration 4.3 Carrier 4.3.2 Carrier > Settings The parameters within the Carrier Configuration menu must be input properly; they are the most basic requirement required by your cellular provider for network connectivity. Image 4-27: Carrier > Carrier Carrier Status Carrier Status is used to Enable or Disable the connection to the Cellular Carrier. By default this option is enabled.
4.0 Configuration SIM Pin The SIM Pin is required for some international carriers. If supplied and required by the cellular carrier, enter the SIM Pin here. Values (characters) (none) Technologies Type Set to ALL by default, the Technologies field allows the selection of 3GPP technologies (LTE), and or 3GPP2 technology (CDMA). Values (Selection) ALL 3GPP 3GPP2 Technologies Mode The Technologies Mode option allows a user the ability to specify what type of Cellular networks to connect to.
4.0 Configuration IP Address In some cases the Static IP address must be entered in this field if assigned by a wireless carrier. In most cases the IP will be read from the SIM card and this field should be left at the default value. Values (IP Address) (none) Authentication Sets the authentication type required to negotiate with peer. Values (Selection) PAP - Password Authentication Protocol. CHAP - Challenge Handshake Authentication Protocol.
4.0 Configuration 4.3 Carrier 4.3.3 Carrier > Keepalive The Keep alive tab allows for the configuration of the keep alive features of the VIP4G. The VIP4G can either do a ICMP or HTTP keep alive by attempting to reach a specified address at a regular interval. If the VIP4G cannot reach the intended destination, it will reset the unit in an attempt to obtain a new connection to the carrier. Image 4-28: Carrier > Keepalive Keep Alive Status Enable or Disable the keep alive functions in the VIP4G.
4.0 Configuration 4.3 Carrier 4.3.4 Carrier > Traffic Watchdog The Wireless Traffic Watchdog will detect if there has been no wireless traffic, or communication with the Cellular carrier for a configurable amount of time. Once that time has elapsed, the unit will reset, and attempt to re-establish communication with the cellular carrier. Image 4-29: Carrier > Traffic Watchdog Traffic Watchdog Enable or Disable the Traffic Watchdog.
4.0 Configuration 4.3 Carrier 4.3.5 Carrier > Dynamic DNS Unless a carrier issues a Static IP address, it may be desirable to use a dynamic DNS service to track dynamic IP changes and automatically update DNS services. This allows the use of a constant resolvable host name for the VIP4G. Image 4-30: Carrier > Traffic Watchdog DDNS Status This selection allows the use of a Dynamic Domain Name Server (DDNS), for the VIP4G.
4.0 Configuration 4.3 Wireless (WiFi) 4.3.1 Wireless > Status The Status window gives a summary of all radio or wireless related settings and connections. The General Status section shows the Wireless MAC address of the current radio, the Operating Mode (Access Point, Client, MESH etc), the SSID being used, frequency channel information and the type of security used. Traffic Status shows statistics about the transmitted and received data.
4.0 Configuration 4.3.2 Wireless > Radio1 Radio1 Phy Configuration The top section of the Wireless Configuration allows for the configuration of the physical radio module. You can turn the radio on or off, and select the channel bandwidth and frequency as seen below. Image 4-32: Wireless > Radio Configuration Radio This option is used to turn the radio module on or off. If turned off Wireless connections can not be made. The default is On.
4.0 Configuration High Throughput Mode Select HT20 for a 20MHz channel, or HT40 for a 40 MHz Channel. The 40MHz channel is comprised of 2 adjacent 20MHz channels and the + and—designate to use the higher or lower of the adjacent channels. Values (selection) HT20 HT40HT40+ Advanced Capabilities (Only shown if box is checked) MPDU Aggregation (Enable/Disable) - Allows multiple data frames to be sent in a single transmission block, allowing for acknowledging or retransmitting if errors occur.
4.0 Configuration RTS Thr (256 ~ 2346) Once the RTS Threshold defined packet size is reached, the system will invoke RTS/CTS flow control. A large RTS Threshold will improve bandwidth, while a smaller RTS Threshold will help the system recover from interference or collisions caused by obstructions. Values (selection) On / OFF Fragment Thr (256 ~ 2346) The Fragmentation Threshold allows the system to change the maximum RF packet size.
4.0 Configuration Mode There are four available selections for the unit’s mode of operation: Access Point - An Access Point may provide a wireless data connection to many clients, such as stations, repeaters, or other supported wireless devices such as laptops etc. Values (selection) Access Point Client Repeater Mesh Point Station/Client - A Station may sustain one wireless connection, i.e. to an Access Point.
4.0 Configuration TX Power This setting establishes the transmit power level which will be presented to the antenna connectors at the rear of the VIP4G. Unless required, the Tx Power should be set not for maximum, but rather for the minimum value required to maintain an adequate system fade margin. Refer to FCC (or as otherwise applicable) regulations to ascertain, and not operate beyond, the maximum allowable transmitter output power and effective isotropic radiated power (EIRP).
4.0 Configuration Encryption Type Security options are dependent on the version type. This section describes all available options. Export versions may not have all optional available to meet regulatory requirements set government policies. WEP: Wired Equivalency Privacy is a security protocol defined in 802.11b. It is commonly available for Wi-Fi networks and was intended to offer the equivalent security of a wired network, however, it has been found to be not as secure as desired.
4.0 Configuration 4.4 Comport 4.4.1 Comport > Status The Status window gives a summary of the Serial port on the VIP4G. The Status window shows if the com port has been enabled, how it is configured (Connect As), and the connection status. Image 4-35: Comport > Comport Status © Microhard Systems Inc.
4.0 Configuration 4.4 Comport 4.4.2 Comport > Settings This menu option is used to configure the serial device server for the serial communications port. Serial device data may be brought into the IP network through TCP, UDP, or multicast; it may also exit the VIP4G network on another VIP Series’ serial port. The fully-featured RS232 interface supports hardware handshaking. Image 4-36: Comport > Settings Configuration © Microhard Systems Inc.
4.0 Configuration Com1 Port Status Select operational status of the Com1 Serial Port. The port is disabled by default. Values (selection) Disabled / Enable Channel Mode Determines which serial interface shall be used to connect to external devices: RS232, RS485, or RS422. When an interface other than RS232 is selected, the DE9 port will be inactive.
4.0 Configuration Pre-Data Delay Refer to Drawing 6A on the preceding page. Values (time (ms) ) 100 Post-Data Delay Refer to Drawing 6A on the preceding page. Values (time (ms) ) 100 Date Mode This setting defines the serial output data framing. In Transparent mode (default), the received data will be output promptly from the VIP4G. Values (selection) Seamless / Transparent When set to Seamless, the serial port server will add a gap between data frames to comply with the MODBUS protocol for example.
4.0 Configuration No-Connection Data When enabled the data will continue to buffer received on the serial data port when the radio loses synchronization. When disabled the VIP4G will disregard any data received on the serial data port when radio synchronization is lost. Values (selection) Disable / Enable MODBUS TCP Status This option will enable or disable the MODBUS decoding and encoding features.
4.0 Configuration IP Protocol Config This setting determines which protocol the serial server will use to transmit serial port data over the VIP4G network. The protocol selected in the IP Protocol Config field will determine which configuration options appear in the remainder of the COM1 Configuration Menu. The protocol selected in the IP Protocol Config field will determine which configuration options appear in the remainder of the COM1 Configuration Menu.
4.0 Configuration IP Protocol Config (Continued…) TCP Client/Server: In this mode, the VIP4G will be a combined TCP Client and Server, meaning that it can both initiate and serve TCP connection (session) requests. Refer to the TCP Client and TCP Server descriptions and settings described previously as all information, combined, is applicable to this mode. A UDP or TCP port is an application end-point.
4.0 Configuration IP Protocol Config (Continued…) UDP Point-to-Multipoint (MP): This protocol is selected on the units which are to receive multicast UDP packets, typically the Remote units. See the previous description of UDP Point-to -Multipoint (P). In a Point-to-Multipoint (PMP) network topology which is to utilize UDP multicast, typically the MASTER would be configured as ’(P)’ (the POINT) and the REMOTES would be configured as ’(MP)’ (the MULTIPOINTS).
4.0 Configuration IP Protocol Config (Continued…) SMTP Client: If the VIP4G has Internet access, this protocol may be used to send the data received on the serial port (COM1), in a selectable format (see Transfer Mode (below)), to an email addressee. Both the SMTP Server and the e-mail addressee must be ‘reachable’ for his feature to function. SMTP: Simple Mail Transport Protocol is a protocol used to transfer mail across an IP network. Mail Subject Enter a suitable ‘e-mail subject’ (e-mail heading).
4.0 Configuration 4.5 I/O 4.5.1 I/O > Status I/O Status The VIP4G has 4 status inputs, which can be used with various alarms and sensors for monitoring, telling the modem when certain events have occurred, such as an intrusion alarm on a door, a temperature threshold has been exceed, or a generator has failed, out of fuel. Also included are 4 outputs, that can be used to drive external relays to remotely control equipment and devices.
4.0 Configuration 4.5 I/O 4.5.2 I/O > OUTPUT OUTPUT Configuration Each of the 4 Outputs can be controlled separately, allowing a user to remotely trigger an event. Image 4-38: I/O > OUTPUT © Microhard Systems Inc.
4.0 Configuration 4.6 Firewall 4.6.1 Firewall > Status Firewall Status allows a user to see detailed information about how the firewall is operating. The All, Filter, Nat, Raw, and Mangle options can be used to view different aspects of the firewall. Image 4-39: Firewall > Status © Microhard Systems Inc.
4.0 Configuration 4.6.2 Firewall > General The General Firewall settings allow users to enable or disable the firewall, and to decide which areas of the modem to protect. The Firewall can also be reset to factory defaults from this area of the WebUI. Image 4-40: Firewall > General Firewall Status When enabled, the firewall settings are in effect. When disabled, none of the settings configured in the menu’s below have an effect, the modem is “open”.
4.0 Configuration WAN Request When Blocked the VIPn4G will block all requests from devices on the WAN unless specified otherwise in the Access Rules, MAC List, IP List configurations. Access to ports 80 (HTTP) and 443 (HTTPSif enabled), is still available unless disabled in the WAN Remote Management option.
4.0 Configuration 4.6.3 Firewall > Rules Once the firewall is turned on, rules configuration can be used to define specific rules on how local and remote devices access different ports and services. MAC List and IP List are used for general access, and are applied before rules are processed. Image 4-41: Firewall > Rules Rule Name The rule name is used to identify the created rule. Each rule must have a unique name and up to 10 characters can be used.
4.0 Configuration Source IP If a valid IP/Network address is specified, the action will apply against that address; otherwise, leaving the default value of 0.0.0.0/0 in this field results in the action applying to all source IP addresses. Values (IP Address) 192.168.0.0/255.255.255.0 Destination Zone Select the zone which is the intended destination of the data traffic.
4.0 Configuration 4.6.4 Firewall > Port Forwarding Port forwarding can be used to forward traffic coming in from the 4G and/or WAN to a specific IP Address and Port on the LAN. Port forwarding can be used in combination with other firewall features, but the Firewall must be enabled for Port forwarding to be in effect. Image 4-42: Firewall > Port Forwarding DMZ Mode Enable or disable DMZ Mode. DMZ can be used to forward all traffic to the DMZ Server IP listed below.
4.0 Configuration Name This is simply a field where a convenient reference or description is added to the rule. Each Forward must have a unique rule name and can use up to 10 characters. Values (10 chars) Forward Source Select the source for the DMZ traffic, either 4G or from WAN. Values (selection) 4G / WAN Internal Server IP Enter the IP address of the intended internal (i.e. on LAN side of VIP4G) server. This is the IP address of the device you are forwarding traffic to. Values (IP Address) 192.168.
4.0 Configuration 4.6.5 Firewall > MAC-IP List MAC List configuration can be used to control which physical LAN devices can access the ports on the VIP4G, by restricting or allowing connections based on the MAC address. IP List configuration can be used to define who or what can access the VIP4G, by restricting or allowing connections based on the IP Address/Subnet. MAC-IP List can be used alone or in combination with LAN to WAN/4G Access Control to provide secure access to the physical ports of the VIP4G.
4.0 Configuration Firewall MAC List Configuration (Continued) Action The Action is used to define how the rule handles the connection request. ACCEPT will allow a connection, while REJECT (error) and DROP (quietly dropped), will refuse connections. Values (selection) ACCEPT DROP REJECT Firewall IP List Configuration Rule Name The Rule Name field is required to give the rule a convenient name for reference. Each rule must have a unique name, up to 10 characters in length.
4.0 Configuration 4.7 Multicast Multicast Configuration Multicast can be enabled or disabled for the VIP4G. This section allows for the configuration of the Multicast feature. Image 4-44: Multicast Mode Enable or Disable Multicast in the VIP4G Values (selection) Disable / Enable Rate Use the drop down selection to chose the Multicast rate. Values (selection) 6 9 12 18 © Microhard Systems Inc.
4.0 Configuration Name Provide a name for the Multicast configuration. Used as reference. Values (characters) Disable / Enable Local IP Local LAN IP Address of the VIP4G interface connected to the Multicast Device/Source. Values (IP Address) 192.168.2.1 Remote IP IP Address of the remote LAN IP of the VIP4G/VIP Series in which to send the multicast data. Values (IP Address) 192.168.5.1 Source IP IP Address of the Multicast PC/Device. Values (IP Address) 192.168.2.
4.0 Configuration 4.8 QoS 4.8.1 QoS > Status QoS Status gives a visual overview of the QoS configuration as seen below. Image 4-45: QoS > Status © Microhard Systems Inc.
4.0 Configuration 4.8.2 QoS > Class The QoS class menu allows a user to enable or disable the QoS service. In addition, it is possible to fine tune the different class rates, ceiling, and burst limits for each class. Image 4-46: QoS > Class QoS Mode Use this option to enable or disable the QoS features of the VIP4G. By default QoS is not enabled. Values (selection) Enable / Disable © Microhard Systems Inc.
4.0 Configuration 4.8.3 QoS > Local This tab is used to actually assign data to a QoS class. You can customize the QoS rules to match the desired operation. Image 4-47: QoS > Local Interface Select the interface (LAN / WAN / 4G) in which the QoS applies. Values (selection) LAN / WAN / 4G Target Select the target class for the QoS rule, the class specifics can be modified in the Class menu. Values (selection) High Medium_high Medium Medium_low Low Source IP Enter the source IP.
4.0 Configuration Destination IP Enter the destination IP Address. Values (IP Address) (IP Address) Protocol Select the protocol type, TCP, UDP or ICMP. Values (selection) TCP UDP ICMP Destination Port Enter the port number for the destination. Values (port#) port # Ports Enter the port number. Values (port#) port # © Microhard Systems Inc.
4.0 Configuration 4.8.4 QoS > Interface This tab is used to configure the LAN, WAN and 4G interfaces for QoS. Image 6-48: QoS > Interface QoS Interface LAN / WAN / 4G Configuration. Interface Mode Enable or Disable QoS on the selected interface. Values (selection) Enable / Disable Target Select the target class for the QoS rule, the class specifics can be modified in the Class menu. Values (selection) High Medium_high Medium Medium_low Low Bandwidth Enter the Bandwidth.
4.0 Configuration 4.9 VPN 4.9.1 VPN > Summary A Virtual Private Network (VPN) may be configured to enable a tunnel between the VIP4G and a remote network.. The VIP4G supports VPN IPsec Gateway to Gateway (site-to-site) tunneling, meaning you are using the VIP4G to connect a tunnel to network with VPN capabilities. The IPn3G can also operate as a L2TP Server, allowing users to VPN into the unit from a remote PC, and a L2TP Client. Image 4-49: VPN > Summary © Microhard Systems Inc.
4.0 Configuration 4.9.2 VPN > Gateway To Gateway (Site-to-Site) Image 4-50: VPN > Gateway to Gateway Tunnel Name Enter a name for the VPN Tunnel. Up to 16 different tunnels can be created, each requiring a unique name. Values (chars) tunnel1 Enable Used to enable (checked) is disable (unchecked) the VPN tunnel. Values (checkbox) Enable (Checked) © Microhard Systems Inc.
4.0 Configuration Local Group Setup Gateway IP Address Displays the IP address of the VIP4G, which is the local VPN Gateway. Values (IP Address) Current IP Address Subnet IP Address Define the local network by specifying the local subnet. Values (IP Address) Subnet Mask Specify the subnet mask of the local network address. Values (IP Address) 255.255.255.0 Group Server IP In cases where a firewall is present, it may be required to specify the server IP.
4.0 Configuration IPsec Setup Phase 1 DH Group Select value to match the values required by the remote VPN router. Values (selection) modp1024 modp1536 modp2048 Phase 1 Encryption Select value to match the Phase 1 Encryption type used by the remote VPN router. Values (selection) 3des aes aes128 aes256 Phase 1 Authentication Select value to match the Phase 1 Authentication used by the remote VPN router.
4.0 Configuration IPsec Setup Phase 2 Authentication Select value to match the Phase 1 Authentication used by the remote VPN router. Values (selection) md5 sha1 Phase 2 SA Life Time Select value to match the values required by the remote VPN router. Values 3600 Preshared Key Set the Preshared Key required to authenticate with the remote VPN router. Values (characters) password DPD Delay(s) Dead Peer Detection is used to detect if there is a dead peer. Set the DPD Delay (seconds), as required.
4.0 Configuration 4.9.3 VPN > Client To Gateway (L2TP Client) The VIP4G can operate as a L2TP Client, allowing a VPN connection to be made with a L2TP Server. Image 4-51: VPN > Client to Gateway Tunnel Name Enter a name for the VPN Tunnel. Up to 16 different tunnels can be created, each requiring a unique name. Values (chars) tunnel1 Enable Used to enable (checked) is disable (unchecked) the VPN tunnel. Values (checkbox) Enable (Checked) © Microhard Systems Inc.
4.0 Configuration Local Gateway The 4G IP Address is shown here and cannot be changed. Values (IP Address) Current IP Remote Gateway Enter the IP Address of the Remote Gateway. Values (IP Address) none Remote Server ID Enter the Remote Server ID as required by the L2TP server. Values none Remote Subnet IP Enter the Remote Subnet IP.
4.0 Configuration 4.9.4 VPN > L2TP Server Image 4-52: VPN > L2TP Server Enable Used to enable (checked) is disable (unchecked) the L2TP Server. Values (checkbox) Enable (Checked) Server IP Address Enter the WAN or 4G IP address on which the L2TP server is to run. Values (IP Address) Current IP Address IP Address Range Start - IP Address Range End Define the range of IP addresses that can be assigned by the L2TP Server. Values (IP Address) IPSec Setup - See previous sections for additional info.
4.0 Configuration 4.9.5 VPN > VPN Client Access For VPN L2TP Server operation, users will be required to provide a username and password. Use VPN Client Access to set up the required users. Image 4-53: VPN > VPN Client Access Username Enter a username for the user being set up. Values (characters) New Password Enter a password for the use. Values (characters) Confirm New Password Enter the password again, the VIP4G will ensure that the password match. © Microhard Systems Inc.
4.0 Configuration 4.10 Tools 4.10.1 Tools > Discovery Network Discovery The Network discovery tool allows the VIP4G to send a broadcast to all VIP4G/VIP Series units on the same network. Other units on the network will respond to the broadcast and report their MAC address, IP address (With a hyperlink to that units WebUI page), description, firmware version, operating mode, and the SSID (regardless of whether it was set to broadcast or not).
4.0 Configuration 4.10.2 Tools > Site Survey Wireless Survey The Wireless Survey feature will scan the available wireless channels for any other 802.11 wireless networks in proximity to the VIP4G. The Survey will display the Channel number the other networks are operating on, the MAC address, Encryption Type, Frequency and general signal level and quality information. This can be useful for finding available networks, or troubleshooting connection and sensitivity problems.
4.0 Configuration 4.10.3 Tools > Ping Network Tools Ping The Network Tools Ping feature provides a tool to test network connectivity from within the VIP4G unit. A user can use the Ping command by entering the IP address or host name of a destination device in the Ping Host Name field, use Count for the number of ping messages to send, and the Packet Size to modify the size of the packets sent. Image 4-56: Tools > Ping © Microhard Systems Inc.
4.0 Configuration 4.10.4 Tools > TraceRoute Network TraceRoute The Trace Route command can be used to provide connectivity data by providing information about the number of hops, routers and the path taken to reach a particular destination. Image 4-57: Tools > TraceRoute © Microhard Systems Inc.
4.0 Configuration 4.10.5 Tools > Network Traffic Network Traffic Monitor Tool The Tools > Network Traffic tab displays a graphical display of all data Traffic on the VIP4G. br-lan Shows an overview of all data sent or received by the VIP4G. A summary of the data of the current day and the current month is shown. br-lan / hourly Shows the traffic volumes (TX = green, RX = grey) at hourly intervals during the current 24 hour period.
Appendix A: Serial Interface Module (DCE) Host (e.g. PC) (DTE) Signal DCD 1 2 RX 3 4 DTR 5 SG 6 7 TX DSR RTS 8 CTS IN IN OUT Arrows denote the direction that signals are asserted (e.g., DCD originates at the DCE, informing the DTE that a carrier is present). The interface conforms to standard RS-232 signals, so direct connection to a host PC (for example) is accommodated.
Appendix C: Firmware Upgrade / Recovery Package upgrade or recovery upgrade can be used. Package upgrade will keep settings intact. Recovery upgrade will upgrade a unit completely, it can also be used to recovery from a corrupted system. Package upgrade (*.
150 Country Hills Landing NW Calgary, Alberta Canada T3K 5P3 Phone: (403) 248-0028 Fax: (403) 248-2762 www.microhardcorp.com © Microhard Systems Inc.
