- DL manuals
- RACOM
- Network Router
- MG102i
- Operating Manual
RACOM MG102i Operating Manual - 6. Installation
6. Installation
6.1. Mounting
M!DGE/MG102i Wireless Router is designed for a DIN rail mounting or on a panel using flat bracket.
Please consider the safety instructions in Chapter 10,
Safety, environment, licensing
6.2. Antenna mounting
M!DGE/MG102i Wireless Routers will only operate reliably over the GSM network if there is a strong
signal. For many applications the flexible stub antenna provided would be suitable but in some circum-
stances it may be necessary to use a remote antenna with an extended cable to allow the antenna itself
to be positioned so as to provide the best possible signal reception. RACOM can supply a range of
suitable antennas.
Beware of the deflective effects caused by large metal surfaces (elevators, machine housings, etc.),
close meshed iron constructions and choose the antenna location accordingly. Fit the antenna or
connect the antenna cable to the GSM antenna connector.
In external antennas the surge protection of coaxial connection would be required.
Note
Be sure that the antenna was installed according to the recommendation by the antenna
producer and all parts of the antenna and antenna holder are properly fastened.
6.3. Power supply
MG102i can be powered with an external power source capable of voltages from 10 to 55 Volts DC.
MG102i should be powered using a certified (CSA or equivalent) power supply, which must have a
limited and SELV circuit output.
MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
22
Installation
Summary of MG102i
Page 1
Operating manual . Mg102i gprs/umts/hspa+/lte router . 1.5 11/12/2015 www.Racom.Eu racom s.R.O. • mirova 1283 • 592 31 nove mesto na morave • czech republic tel.: +420 565 659 511 • fax: +420 565 659 512 • e-mail: racom@racom.Eu.
Page 3: Table Of Contents
Table of contents important notice .................................................................................................................................. 5 getting started .......................................................................................................................
Page 4: List Of Figures
8.14. Running shell commands ............................................................................................... 136 8.15. Cli commands history .................................................................................................... 136 8.16. Cli–php ............................
Page 5: Important Notice
Important notice copyright © 2014 racom. All rights reserved. Products offered may contain software proprietary to racom s. R. O. (further referred to under the ab- breviated name racom). The offer of supply of these products and services does not include or inply any transfer of ownership. No part ...
Page 6: Getting Started
Getting started mg102i wireless routers will only operate reliably over the cellular network if there is a strong signal. For many applications a flexible stub antenna would be suitable but in some circumstances it may be necessary to use a remote antenna with an extension cable to allow the antenna...
Page 7: 1. Mg102I Router
1. Mg102i router 1.1. Introduction although mg102i wireless routers have been specifically designed for scada and telemetry, they are well suited to variety of wireless applications. Mg102i hw and sw are ready to maintain reliable and secure connections from an unlimited number of remote locations t...
Page 8: 1.3. Standards
Interfaces • 5 ethernet ports: lan, wan/lan • rs232 • 2× di, 2× do • usb host diagnostic and management • web interface, cli available • file configuration • ota sw update • advanced troubleshooting • sms remote control, sms and e-mail notification • snmpv1/v2c/3 1.3. Standards en 301 489-1 v1.9.2 e...
Page 9: 2. Mg102I In Detail
2. Mg102i in detail fig. 2.1: mg102i front and terminal panel all mg102i wireless routers run mg102i software. Software offers the following key features: • interfaces and connection management (section 7.2, “interfaces”) ○ dial-out (permanent, on switchover) ○ link supervision ○ fallback to backup ...
Page 10
○ ntp server ○ dhcp server ○ dns server ○ dynamic dns client ○ e-mail client ○ notification via e-mail and sms ○ sms client ○ ssh/telnet server ○ snmp agent ○ web server ○ gps daemon (with valid gps license) ○ redundancy • system administration (section 7.7, “system”) ○ configuration via web manager...
Page 11: 3. Implementation Notes
3. Implementation notes 3.1. Ethernet scada protocols scada equipment with an ethernet protocol behaves as standard ethernet equipment from a commu- nications perspective. Thus the communication goes transparently through the gprs/umts/lte network. The implementation requires heightened caution to i...
Page 12: 4. Product
4. Product 4.1. Dimensions 178 190 165 50 104 40 fig. 4.1: dimensions in millimeters 4.2. Connectors 4.2.1. Antenna sma fig. 4.2: antenna connectors sma mg102i uses sma antenna connectors: • mob 1, mob 2 for gsm/umts/lte antenna connection (mob 1 for 1st umts module, mob 2 for lte as auxiliary secon...
Page 13
4.2.2. Eth rj45 fig. 4.3: eth rj45 plug - pin numbering tab. 4.1: pin assignment ethernet interface eth (ethernet 10ba- set and 100baset) rj-45 socket signal pin tx+ 1 tx− 2 rx+ 3 rx− 6 4.2.3. Usb mg102i uses usb 1.1, host a interface. Usb interface is wired as standard: fig. 4.4: usb connector tab....
Page 14
Fig. 4.5: screw terminal tab. 4.3: pin assignment of screw terminal signal pin description pin ground internally connected with casing ground. V gnd 1 dual power input - not connected with pin 4: 12–48 vdc (–15% +20%) = 10.2–57.6 vdc. V+ (12–48 v=) 2 rs232 – rxd (receiving data) rxd 3 rs232 – txd (t...
Page 15
Tab. 4.6: voltage polarity connector misconnection risks plug pos. Plug pos. Plug pos. Plug pos. Pin description pin − − nde + ok − v gnd 1 ok + nde − − + v+ (12–48 v=) 2 − + dp [1] + dp [1] − rxd 3 dp [1] + dp [1] − − + txd 4 − + nde + nde − gnd 5 nde [2] + nde [2] − − + do1-1 6 − + nde + nde − do1...
Page 16: 4.3. Indication Leds
4.3. Indication leds fig. 4.7: indication leds tab. 4.7: mg102is interfaces and status indicators function state label start up, maintenance green blinking status ready (upper side banks description) green on ready (lower side banks description) orange on insufficient power supply orange blinking mo...
Page 17
4.4. Technical specifications tab. 4.8: technical specifications mobile interface umts wcdma, hsdpa, hsupa, hspa+: bands1, 2, 5, 8 edge, gprs: 850/900/1900 mhz data rates: max. 14.4 mbps downlink / 5.76 mbps uplink mobile interface lte lte: bands 1, 2, 3, 5, 7, 8, 20, all bands withs diversity wcdma...
Page 18: 4.5. Model Offerings
4.5. Model offerings ordering code (part no’s) trade name: mg102i type (according internal module(s)): mg102i-u, mg102i-l, mg102i-2u code (according to next hw modules): e.G. Mg102i-uw mg102i - xxyy - zzz xx – module type functionality module code gprs/edge/umts/hspa umts mg102i- u gprs/edge/umts/hs...
Page 19: 4.6. Accessories
4.6. Accessories 4.6.1. Din rail bracket fig. 4.8: din rail bracket fig. 4.9: mg102i with din rail bracket din rail bracket installation bracket for din rail mounting. For usage details see chapter mounting and chapter dimen- sions. 19 © racom s.R.O. – mg102igprs/umts/hspa+/lte router product.
Page 20
5. Bench test / step-by-step guide before starting to work with the hw please be sure that you have a sim card enabled for data and you have all the necessary information from the mobile operator (pin, apn, login, passwd) 5.1. Connecting the hardware 5.1.1. Install the sim card insert a sim card int...
Page 21: 5.4. Basic Setup
The default ip addresses are: • 192.168.1.1 for eth1 • 192.168.1.1 for eth2 • 192.168.1.1 for eth3 • 192.168.1.1 for eth4 • 192.168.5.1 for eth5 the default subnet mask is 255.255.255.0 for all interfaces. C. Start a web browser on your pc. Type the mg102i ip address in the address bar: http://192.1...
Page 22: 6. Installation
6. Installation 6.1. Mounting m!Dge/mg102i wireless router is designed for a din rail mounting or on a panel using flat bracket. Please consider the safety instructions in chapter 10, safety, environment, licensing . 6.2. Antenna mounting m!Dge/mg102i wireless routers will only operate reliably over...
Page 23: 7. Web Configuration
7. Web configuration 7.1. Home this page gives you a system overview. It helps you when initially setting up the device and also functions as a dashboard during normal operation. The highest priority link which has been established successfully will become the so-called hotlink which holds the defau...
Page 24: 7.2. Interfaces
7.2. Interfaces details for all physical connections are given in section 4.2, “connectors”. 7.2.1. Wan link management each available item in the wan link manager matches with the particular wan interface - for adding an item, the respective wan interface must be set (e.G. Lan, wwan). In case a wan...
Page 25
In the following example, the outgoing traffic will be distributed between lan2 (80 %) and wwan1 (20 %) links. Note this option is general and applies to all outgoing traffic. See section 7.3.3 multiple routes for more detailed configuration. We recommend using the permanent option for wan links. Ho...
Page 26
Note this option is configurable within wwan links only. Remember that lan1 cannot be used as the port for the ip passthrough functionality. • • lan10 is not usable within m!Dge/mg102i routers. Do not select it. Connection supervision network outage detection can be used for switching between availa...
Page 27
Link: the wan link to be monitored (can be any for all configured links). Mode: specifies whether the link is monitored during the connection estab- lishment or only when it is already up. Primary host: reference host one which will be used for checking ip connectivity (via icmp pings). Secondary ho...
Page 28
Option is set. Configure the maximum amount of downtime in minutes for which the link could not be established. Settings the maximum segment size defines the largest amount of data of tcp packets (usually mtu minus 40). You may decrease the value in case of fragmentation issues or link-based limits....
Page 29
Vlan management m!Dge/mg102i routers support virtual lan according to ieee 802.1q which can be used to create virtual interfaces on top of the ethernet interface. The vlan protocol inserts an additional header to ethernet frames carrying a vlan identifier (vlan id) which is used for distributing the...
Page 30
Static configuration of m!Dge's/mg102i's own ip address and subnet mask is available for the lan mode. The alias ip address enables configuring the lan inteface with a second ip address/subnet. Note setting of the ip address is interconnected with the dhcp server (if enabled) - menu the services - d...
Page 31
Static ip: ip configuration will be set manually. At least the default gateway and the primary dns server must be configured along with the ip address and subnet mask. Pppoe: pppoe is the preferred protocol when communicating with another wan access device (like a dsl modem). Username: pppoe user na...
Page 32
You can configure the following parameters: default modem the default modem assigned to this sim card. Service type the default service type to be used with this sim card. Remember that the link manager might change this in case of different settings. The default option is "automatic", in areas with...
Page 33
Been registered. Lai is a globally unique number that identifies the country, network provider and lac of any given location area. It can be used to force the modem to register to a particular mobile cell in case of competing stations. You may further initiate mobile network scan for getting network...
Page 34
Generally, the connection settings are derived automatically as soon as the modem has been registered and the network provider has been found in our database. Otherwise, it will be required to configure the following settings: phone number the phone number to be dialed, for 3g+ connections this comm...
Page 35
Based lan interface or create a self-contained ip interface which can be used for routing and to provide services (such as dhcp/dns/ntp) in the same way like an ethernet lan interface does. If the administrative status is set to disabled, the module will be powered off in order to reduce the overall...
Page 36
Wlan interfaces an access point can define up to 4 networks being broadcast. The networks can be individually bridged to a lan interface or operate as dedicated interface in routing mode. Wlan configuration running in access point mode you can define up to 4 ssids with each running their own network...
Page 37
The access point networks can be bridged to any lan interface for letting wlan clients and ethernet hosts operate in the same subnet. However, for multiple ssids we strongly recommend to set up separated interfaces in routing-mode in order to avoid unwanted access and traffic between the inter- face...
Page 38
7.2.5. Usb administration enable or disable the usb administration. If enabled, any supported usb converter can be attached and configured for example as another serial link (rs232, see section 7.2.6, “serial port”). Note supported modules are pl2303, ch341 and ftdi (quad-channel adapter). Following...
Page 39
• enable usb/ip device server the usb/ip device server can be used for the communication between the unit and the usb device via ip. This is being accomplished by tunneling the usb protocol over ip. The required usb/ip enumerator (windows application) for accessing the usb stick from the computer ca...
Page 40
The autorun.Key file must hold valid access keys to perform any actions when the storage device is plugged in. The keys are made up of your admin password. They can be generated and downloaded. You may also define multiple keys in this file (line-after-line) in case your admin password differs if ap...
Page 41
Device server serial port settings: configure the required rs232 parameters. Physical protocol: only rs232 is supported. Baud rate: specifies the baud rate of the com port. Data bits: specifies the number of data bits con- tained in each frame. Parity: specifies the parity used with every frame that...
Page 42
Protocol on ip port: “telnet” or “tcp raw” port: the tcp port used by the applica- tion. Timeout: endless or numbered (in seconds). Allow remote control (rfc 2217) telnet with the rfc 2217 extension. Show banner the option for displaying the banner of the connected serial device. Allow clients from ...
Page 43
Gprs/umts mobile network operates in ip environment, so the basic task for the protocol server is to convert scada serial packets to udp datagrams. The address translation settings are used to define the destination ip address and udp port. Then these udp datagrams are sent to the m!Dge/mg102i route...
Page 44
Important if configuring the protocol server together with vpn tunnels, there are several extra steps which must be done. Please see the application note, chapter 4.2 scada protocols - public apn 1 for the details. Common parameters the parameters described in this section are typical of most protoc...
Page 45
Hence, a scada message received from the serial interface is encapsulated into a udp/ip datagram, where the destination ip address and the destination udp port are defined according to the settings of the address translation. ■ mask translation using the mask is simpler to set, however it has some l...
Page 46
• udp port (interface) this is the udp port number which is used as the destination udp port in the udp data- gram in which the serial scada message, received from com, is encapsulated. • note you may add a note to each address up to 16 characters long for your convenience. (e.G. “remote unit #1”). ...
Page 47
Multiple c24 masters can be used within one network and one slave can be polled by more than one master. Underlined parameters are described in common parameters . Mode of connected device master address translation table mask slave • protocol frames list box: 1c, 2c, 3c, 4c default = 1c one of the ...
Page 48
Table mask slave broadcast accept • max gap timeout [ms] default = 30 the longest time gap for which a frame can be interrupted and still received successfully as one frame. It should not be set below 10ms, while 15–40 ms should be ok for a typical cactus protocol device. Comli comli is a serial pol...
Page 49
When the unit receives a data frame from the connected device, it generates the ack frame (0x1006) locally. When the unit receives the data frame from the mobile network, it sends the frame to the connected device and waits for the ack. If the ack is not received within 1 sec. Timeout, unit sends en...
Page 50
The master station broadcast is generated when the low address byte is 0xff and high ad- dress byte is also 0xff. ■ telegyr the control byte in the standard iec packet is omitted. The frame is 1 byte shorter than a standard one. This is typically used in the telegyr 805/809 protocol. Broadcast from ...
Page 51
More modbus masters can be used within one network and one slave can be polled by more masters. Modbus protocol configuration uses all parameters described in common parameters . Mode of connected device master broadcast address translation table mask slave broadcast accept profibus ripex supports p...
Page 52
If on , the unit responds to rb packets received from the rp 570 master locally over the com in- terface. However from time to time (rb period) the rb packets are transferred over the network in order to check whether the respective slave is still on. When the rb response from the slave to this rb p...
Page 53
Active only when the local simulation rb is on. The connected rtu’s address is supposed to be filled in. This address (0x00-0xff) is used in the rb packets generated locally in the m!Dge/mg102i/ripex and transmitted over the com. Siemens 3964(r) the 3964 protocol is utilized by the siemens company a...
Page 54
Mask slave broadcast accept • dle timeout [ms] default = 1000 (min. 300, max. 8190) m!Dge/mg102i/ripex expects a response (dle) from the connected device (rtu) within the set timeout. If it is not received, the unit repeats the frame according to the “retries” setting. • retries [no] default = 3 (mi...
Page 55
Mode of connected device master • address mode list box: binary (1 b), ascii (2 b), binary (2b lsb first). Binary (2b msb first). Default = binary (1 b) m!Dge/mg102i/ripex reads the protocol address in the format and length set (in bytes). The ascii 2-byte format is read as 2-character hexadecimal r...
Page 56
Suitable for the master–master communication scheme or a combination of the uni and async link protocols. Broadcast address translation table mask slave broadcast accept 7.2.7. Digital i/o the digital i/o page displays the current status of the i/o ports and can be used to turn output ports on or of...
Page 57
7.2.8. Gnss administration the gnss (gps) page lets you enable or disable the gps modules present in the system and can be used to configure the daemon that can be used to share access to receivers without contention or loss of data and to respond to queries with a format that is substantially easie...
Page 58
Server port the tcp port on which the daemon is listening for incoming connec- tions. Allow clients from specifies where clients can connect from, can be either every- where or from a specific network. Clients start mode specifies how client reception is started upon connect. You can specify on requ...
Page 59
Latitude the geographic coordinate specifying the north-south position. Longitude the geographic coordinate specifying the east-west position. Altitude the height above sea level of the current location. Satellites this page provides you with a satellite view with some additional details. In the hom...
Page 60
Satellites in view the number of satellites in view as stated in gpgsv frames. Speed the horizontal and vertical speed in meter per second as stated in gprmc frames. Dilution of precision the dilution of precision as stated in gpgsa frames. Satellites used the number of satellites used for calculati...
Page 61: 7.3. Routing
7.3. Routing 7.3.1. Static routes this menu shows all routing entries of the system, which can consist of active and configured ones. (netmasks can be specified in cidr notation, e.G. 24 expands to 255.255.255.0 ). Destination: destination network or host provided by ip addresses in dotted decimal. ...
Page 62
Default route the route is a default route, address and netmask are set to 0.0.0.0, thus matching any packet you can check the corresponding routing via the "route lookup" functionality. Just fill in the desired ip address and click on the "lookup" button. The detailed information about the chosen r...
Page 63
Route to specifies the target interface or gateway to where the packet should get routed to. Type of service the tos value within the packet header (possible values are ignore, normal- service (0), minimize-cost (2), maximize-reliability (4), maximize-throughput (8), minimize-delay (16)) 7.3.3. Mult...
Page 64
The packets and send them further to the router. Switching works by telling the home agent that the hotlink address has changed, the agent will then re-route (that means encapsulate the packets with the new target address) the packets transparently down to the box. Our implementation supports rfc 33...
Page 65
Udp encapsulation: specifies whether udp encapsulation shall be used mobile network address: optionally specifies a subnet which should be routed to the box mobile network mask: the netmask for the optional routed network if mip is run as home agent, you will have to set up a home address and netmas...
Page 66
7.3.5. Quality of service (qos) m!Dge/mg102i routers are able to prioritize and shape certain kinds of ip traffic. This is currently limited on egress, which means that only outgoing traffic can be stipulated. The current qos implementation uses stochastic fairness queueing (sfq) classes in combinat...
Page 67
In case an interface has been activated, the system will automatically create the following queues: high: a high priority queue which may hold any latency-critical services (such as voip). Default: a default queue which will handle all other services. Low: a low priority queue which may hold less-cr...
Page 68: 7.4. Firewall
You can now configure and assign any services to each queue. The following parameters apply: interface: the qos interface of the queue queue: the qos queue to which this service shall be assigned source: specifies a network address and netmask used to match the source address of packets destination:...
Page 69
The specified rules are processed by order, that means, traversing the list from top to bottom until a matching rule is found. If there is no matching rule found, the packet is allowed. Administrative status: enable or disable packet filtering. Allow wan administration: this option will predefine th...
Page 70
Add firewall rule description: a meaningful description about the purpose of this rule. Mode: whether the packets of this rule should be allowed or denied. Incoming interface: the interface on which matching packets are received. Outgoing interface: the interface on which matching packets are receiv...
Page 71
7.4.2. Napt this page allows setting of the options for network address and port translation (napt). Napt translates ip addresses or tcp/udp ports and enables communication between hosts on a private network and hosts on a public network. It generally allows a single public ip address to be used by ...
Page 72
Description: a meaningful rule description incoming interface: interface from which matching packets are received map: choosing whether the rule applies to the host or to the network. Target address: destination address of matching packets (optional) target port(s): used udp/tcp port range of matchi...
Page 73
Map: choosing whether the rule applies to the host or to the network. Outging interface: outgoing interface on which matching packets are leaving the router source address/ports: source address/ports of matching packets (if map is set to "host") source network/netmask: source network/netmask of matc...
Page 74: 7.5. Vpn
7.5. Vpn 7.5.1. Openvpn administration openvpn administrative status: enable or disable openvpn. Restart on link change: if checked, the tunnel is restarted whenever any link changes the status. If enabled, openvpn client configurations will be started whenever a wan link has been established. Serve...
Page 75
Client mode peer selection: specifies how the remote peer shall be selected, besides a single server you may configure multiple servers which can , in case of failures, either be selec- ted sequentially (i.E. Failover) or randomly (i.E. Load balancing). Server the remote server address or hostname p...
Page 76
Encryption: required cipher mechanism used for encryption. Use compression: enable or disable openvpn compression. Use keepalive: can be used to send a periodic keep alive packet in order to keep the tunnel up despite inactivity. Redirect gateway: by redirecting the gateway, all packets will be dire...
Page 77
Important openvpn tunnels require a correct system time. Please ensure that all ntp servers are reachable. When using host names, a working dns server is required as well. Client management once you have successfully set up an openvpn server tunnel you can manage and enable clients which can connect...
Page 78
Change and data encryption and can be seen as one of the strongest vpn technologies in terms of security. Administration ipsec administrative status: enable or disable ipsec propose nat traversal: nat-traversal is mainly used for connections which traverse a path where a router modifies the ip addre...
Page 79
Detection cycle: set the delay (in seconds) between dead peer detection (rfc 3706) keepalives (r_u_there, r_u_there_ack) that are sent for this connection (default 30 seconds) failure threshold: the number of unanswered dpd r_u_there requests until the ipsec peer is considered dead (the router will ...
Page 80
Peer id type: the identification type for the remote router peer id: the peer id value note when using certificates you would need to specify the operation mode. When run as the pki client you can create a certificate signing request (csr) in the certi- ficates section which needs to be submitted at...
Page 81
Encryption algorithm: the ike encryption method (3des, aes128, aes192, aes256) authentication algorithm: the ike authentication method (md5, sha1, sha2-256) sa life time: the security association lifetime in seconds force encapsulation: choose the negotiation mode (main, aggressive). The aggressive ...
Page 82
7.5.3. Pptp point-to-point tunneling protocol (pptp) is a method for implementing virtual private networks between two hosts. Pptp is easy to configure and widely deployed amongst microsoft dial-up networking servers. However, it is nowadays considered insecure. When setting up a pptp tunnel, you wo...
Page 83
A client tunnel requires the following parameters to be set: server address: the address of the remote server username: the username used for authentication password: the password used for authentication 7.5.4. Gre the generic routing encapsulation (gre) is a tunneling protocol that can encapsulate ...
Page 84
Local tunnel address the local ip address of the tunnel local tunnel netmask the local subnet mask of the tunnel remote network the remote network address of the tunnel remote netmask the remote subnet mask of the tunnel in general, the local tunnel address/netmask should not conflict with any other...
Page 85: 7.6. Services
7.6. Services 7.6.1. Sdk racom routers are shipping with a software development kit (sdk) which offers a simple and fast way to implement customer-specific functions and applications. It consists of: 1. An sdk host which defines the runtime environment (a so-called sandbox), that is, controlling acc...
Page 86
1. Send/retrieve sms 2. Send e-mail 3. Read/write from/to serial device 4. Control digital input/output ports 5. Run tcp/udp servers 6. Run ip/tcp/udp clients 7. Access files of mounted media (e.G. An usb stick) 8. Retrieve status information from the system 9. Get or set configuration parameters 10...
Page 87
.Wanlink1_dial_success = string[1]: "1" .Wanlink1_address = string[15]: "192.168.131.233" .Wanlink1_download_rate = string[3]: "202" .Wanlink2_sim = string[4]: "sim1" .Wanlink2_download_rate = string[1]: "8" .Wanlink1_upload_rate = string[1]: "0" .Wanlink2_upload_rate = string[1]: "8" .Wanlink2_dial...
Page 88
Printf ("and was not running."); printf(""); nb_config_set ("network.Ntp.Status=1"); } else { printf ("and was running."); printf(""); } printf ("the ntp server is now running with ip address: "); printf (nb_config_get("network.Ntp.Server0")); running sdk in the sdk, we are speaking of scrip...
Page 89
This page can be used to control the sdk host and apply the following settings: administrative status: specifies whether sdk scripts should run or not scheduling priority: specifies the process priority of the sdkhost, higher priorities will speed up scheduling your scripts, lower ones will have les...
Page 90
This page can be used to set up scripts, triggers and jobs. It is usually a good idea to create a trigger first which is made up by the following parameters: name: a meaningful name to identify the trigger type: the type of the trigger, either time-based or event-based condition: specifies the time ...
Page 91
Action: you may either edit a script, upload it to the system or select one of the example scripts or an already uploaded script you are ready to set up a job afterwards, it can be created by using the following parameters: name: a meaningful name to identify the job trigger: specifies the trigger t...
Page 92
/* arguments : schnick schnack "s c h n u c k" */ for (i = 0; i printf (" argv %d: %s", i, argv [i]); } /* generates: * argv 0: /scripts/testrun * argv 1: schnick * argv 2: schnack * argv 3: s c h n u c k */ in case of syntax errors, arena will usually print error messages as follows (indicating t...
Page 93
• current ip address of the ppp interface • current ip address of the vpn interface (if enabled) disconnect terminates all wan connections (including vpn) reboot initiates a system reboot output 1 on switch digital output 1 on output 1 off switch digital output 1 off output 2 on switch digital outpu...
Page 94
Last lease address: last address for dhcp clients lease duration: number of seconds (30-86400) how long a given lease will be valid until it has to be requested again persistent leases: by turning this option on, router will remember to give leases even after a reboot. It can be used to ensure the s...
Page 95
7.6.4. Ntp server this section can be used to individually configure the network time protocol (ntp) server function. Administrative status: enabled or disabled poll interval: defines the polling interval (64-4096 seconds) for synchronizing the time with the master clock servers allowed hosts: defin...
Page 96
Dynamic address: specifies whether the address is derived from the hotlink, outgoing interface address or via an external service. Usually, the hotlink option is used. Hostname: the host-name provided by your dyndns service (e.G. Mybox.Dyndns.Org) username: the user-name used for authenticating at t...
Page 97
From address: sender e-mail address server address: smtp server address server port: smtp server port (typically 25) authentication: choose the required authentication method to authenticate against the smtp server encryption: the optional encryption for the e-mail messaging (none or tls) username: ...
Page 98
Events the default texts for a specific event are as follows: description event (id) category a gsm call is coming in call-incoming (701) call outgoing voice call is being established call-outgoing (702) dynamic dns update failed ddns-update-failed (802) ddns dynamic dns update succeeded ddns-update...
Page 99
Description event (id) category mobile ip connection went down mobileip-down (411) mobileip mobile ip connection came up mobileip-up (410) openvpn connection went down openvpn-down (402) openvpn openvpn connection came up openvpn-up (401) pptp connection went down pptp-down (407) pptp pptp connectio...
Page 100
Received messages are pulled from the sims and temporarily stored on the router but get cleared after a system reboot. Please consider to consult an sdk script in case you want to process or copy them. Sending messages heavily depends on the registration state of the modem and whether the provided s...
Page 101
Phone numbers can also be specified by regular expressions, here are some examples: +12345678 specifies a fixed number +1* specifies any numbers starting with +1 +1*9 specifies any numbers starting with +1 and ending with 9 +[12]* specifies any numbers starting with either +1 or 2 please note that n...
Page 102
7.6.9. Ssh/telnet server apart from the web manager, the ssh and telnet services can be used to log into the system. Valid users include root and admin as well as additional users as they can be created in the user accounts section. Please note, that a regular system shell will only be provided for ...
Page 103
Server port: the tcp port of the service (usually 23) the following parameters can be applied to the ssh service: administrative status: whether the ssh service is enabled or disabled server port: the tcp port of the service (usually 22) disable admin login: if checked, access via ssh for admin and ...
Page 104
Note config update expects a zip-file named .Zip in the specified directory which contains at least a "user-config.Zip". Supported protocols are tftp, http(s) and ftp. Specifying a username/password or port is not yet supported. • get configuration update status: snmpget -v 3 -u admin -n "" -l authn...
Page 105
Snmp authentication when running in snmpv3, it is possible to configure the following authentication settings: authentication: defines the authentication (md5 or sha) encryption: defines the privacy protocols to use (des or aes) in general, the admin user can read and write any values. Read access w...
Page 106
Administrative status: enable or disable the web server http port: web server port for http connections https port: web server port for https connections https certificate: either information that the certificate is 'installed' or a link to create such certificate. Enable cli-php: enable cli-php ser...
Page 107
Administrative status: enable or disable redundancy role: role of this system (either master or backup) vid: the virtual router id (you can theoretically run multiple instances) interface: interface on which vrrp should be performed virtual gateway address: virtual gateway address formed by the part...
Page 108: 7.7. System
7.7. System 7.7.1. System settings local host name: the local system hostname application area: the desired application area which influences the system behaviour such as registration timeouts when operating in the mobile environ- ment. Syslog redirect address: the host where system log messages sho...
Page 109
You may configure toggle mode, so that the leds periodically show both bank states. See the leds description in section 4.3, “indica- tion leds”. Time & region network time protocol (ntp) is a protocol for synchronizing the clocks of computer systems over packet-switched, variable-latency data netwo...
Page 110
7.7.2. Authentication authentication this page offers a simple shortcut to allow only secure connections (ssh, https) for managing the router. If the option "secure authentication preferred" is set, users will be redirected to https but can still login via http/telnet. User accounts this page lets y...
Page 111
Shell choose whether the cli or shell command prompt shall be started after the user is logged in via ssh/telnet. This is currently applicable only for the admin user. Password: define a password password confirmation: confirm the password remote authentication a remote radius server can be used to ...
Page 112
Update operation: the update operation method being used. You can upload the image or download it from the given url url: you can upload the image or download it from the given url. When issuing a software update, the current configuration (including files like keys/certificates) will be backuped. A...
Page 113
Automatic software update status: enable/disable automatic software update time of day: every day at this time m!Dge/mg102i will do a check for updates url: the server url where the software update package should be downloaded from. Supported protocols are tftp, http(s), and ftp firmware update this...
Page 114
7.7.4. Configuration configuration via the web manager becomes tedious for large volumes of devices. M!Dge/mg102i therefore offers automatic and manual file-based configuration to automate things. Once you have successfully set up the system you can back up the configuration and restore the system w...
Page 115
In order to restore a particular configuration you can upload a configuration previously downloaded or update configuration from the provided url link. You can choose between missing configuration directives stay the same as in the currently running configuration. Automatic updates status: enable/di...
Page 116
Factory configuration this menu can be used to reset the device to factory defaults. Your current configuration will be lost. This procedure can also be initiated by pressing and holding the reset button for at least 10 seconds. A successfully initiated factory reset can be noticed by all leds being...
Page 117
Define the remote host (ip address or hostname), number of packets and the packet size. The traceroute utility can be used to print the route to a remote host. Define the target host (ip or hostname), time-to-live (ttl - number of hops on the resulting route) and the timeout in seconds (max. Time to...
Page 118
Several basic protocols can be excluded from the resulting pcap file (http, https, telnet and ssh). Note the default number of received packets is set to 1000. For downloading the file, just click on the download button. The captured file can be also downloaded from the /tmp/ directory via the appro...
Page 119
After the utility initialization, it can be viewed in a separate window. Displaying graphs and individual host statistics are supported. System debugging log files can be viewed, downloaded and reset here. Please study them carefully in case of any issues. 119 © racom s.R.O. – mg102igprs/umts/hspa+/...
Page 120
Default debugging levels for individual daemons are as follows: • configd – 4 • watchdog – 4 • swupdate – 5 • wwan-managerc – 5 • led-manager – 5 mg102igprs/umts/hspa+/lte router – © racom s.R.O. 120 web configuration.
Page 121
• event-manager – 5 • link-manager – 5 • wwanmd – 5 • surveyor – 5 • mobile-node – 4 • home-agent – 4 • voiced – 4 • smsd – 5 • sdkhost – 6 • qmid – 4 • ser2net – 4 • rrsp2 – 1 • qosd – 0 you can change the values to suit your needs and you can reset the values into their defaults by pressing the " ...
Page 122
You can encrypt the techsupport file in order to secure the file against reading it without knowing the security key for decrypting the file. It is more secure way to send the techsupport file via nonsecure e- mail. The decrypting key is known by our support team only and cannot be provided to anybo...
Page 123
Web server: the certificates for the web server required for running http over ssl (https). Ssh server: the dss/dsa keys for the ssh server. Openvpn: server or client keys and certificates for running openvpn tunnels. Ipsec: server or client keys and certificates for running ipsec tunnels. Wlan: key...
Page 124
Configuration this page provides some general configuration options which will be applied when operating with keys and certificates. If keys, certificates and signing requests are generated locally, the following settings will be taken into account: organization (o): the certificate owner’s organiza...
Page 125
Scep configuration if certificates are getting enrolled by using the simple certificate enrollment protocol (scep) the fol- lowing settings can be configured: scep status: specifies whether scep is enabled or not. Url: the scep url, usually in the form http:////pkiclient.Exe. Ca fingerprint: the fin...
Page 126
7.7.7. Licensing this menu allows you to view and update the license status of your system. Note that some features are disabled if no valid license is provided. Availability means that the licence can be applied to the current hardware. The valid license is active if the status "licensed" is displa...
Page 127
127 © racom s.R.O. – mg102igprs/umts/hspa+/lte router web configuration.
Page 128: 7.8. Logout
7.8. Logout log out from web manager. Mg102igprs/umts/hspa+/lte router – © racom s.R.O. 128 web configuration.
Page 129: 8. Command Line Interface
8. Command line interface the command line interface (cli) offers a unified control interface to the router and can be used to get/set configuration parameters, apply updates, restart services or perform other system tasks. The cli should be started using cli -i command from system shell or when log...
Page 130: 8.2. Print Help
Action key sequence move back a character. Ctrl-b move forward to the end of the next word. Alt-f move back to the start of the current or previous word. Alt-b clear the screen leaving the current line at the top of the screen, with an argument given refresh the current line without clearing the scr...
Page 131
> help usage: help [] available commands: get get config parameters set set config parameters update update system facilities cert manage keys and certificates status get status information scan scan networks send send message, mail, techsupport or ussd restart restart service debug debug system res...
Page 132
Set [-hv] = [=..] options: -v validate config parameter see the following example for setting configuration digital output values. Both values will be "off" and both values will be also "off" after the next start-up procedure. > set dio.Out1=off > set dio.Out2=off 8.5. Updating system facilities the...
Page 133
8.7. Getting status information the status command can be used to get various status information of the system. > status -h usage: status [-hs] options: -s generate sourceable output available sections: summary short status summary info system and config information config current configuration syst...
Page 134: 8.8. Scan
8.8. Scan the scan command can be used to scan the mobile network for the possible networks. Note that the active mobile connection will be deactivated during the scan procedure. > scan -h usage: scan [-hs] options: -s generate sourceable output available interfaces: mobile1 (wwan0) see the example ...
Page 135: 8.11. Debug
Available services: configd configuration daemon dnsmasq dns/dhcp server dropbear ssh server firewall firewall and napt gpsd gps daemon gre gre connections ipsec ipsec connections lighttpd http server link-manager wan links network networking openvpn openvpn connections pptp pptp connections qos qos...
Page 136: 8.12. Resetting System
Mobile-node home-agent voiced smsd sdkhost qmid ser2net qosd rrsp2 8.12. Resetting system the reset command can be used to reset the router back to factory defaults. > reset -h usage: reset [-h] [facility] available reset facilities: factory reset system to factory defaults statistics reset link sta...
Page 137: 8.16. Cli–Php
5 set dio.Out2=off 6 set dio.Out1=on 7 get dio.Out1 8 get dio.Out2 9 set -h 8.16. Cli–php cli-php, an http front-end to the cli application, can be used to configure and control the router remotely. It is enabled in factory configuration, thus can be used for deployment purposes, but disabled as soo...
Page 138
Response: the returned response will always contain a status line in the format: : with return values of ok if succeeded and error if failed. Any output from the commands will be appended examples: ok: status command successful error: authentication failed status – display status information key usa...
Page 139
Of tuples because of the reserved '=' char, i.E. [arg0=key0, arg1=val0], [arg2=key1, arg3=val1], [arg4=key2, arg5=val2], etc examples: http://192.168.1.1/cli.Php?Version=2&output=html&usr=admin&pwd= admin01&command=set&arg0=snmp.Status&arg1=1 http://192.168.1.1/cli.Php?Version=2&output=html&usr=admi...
Page 140
Update - update system facilities key usage: command=update&arg0=&arg1= notes: available facilities can be retrieved by running 'command=update &arg0=−h' examples: http://192.168.1.1/cli.Php?Version=2&output=html&usr=admin&pwd=127 admin01&command=update&arg0=software&arg1=tftp://192.168.1.254/latest...
Page 141
Send - send techsupport key usage: command=send&arg0=techsupport&arg1=stdout command=send&arg0=techsupport&arg1= notes: the address has to be a valid e−mail address such as abc@abc.Com (the at−sign can be encoded with \%40) . The e−mail client must be properly configured prior to using that function...
Page 142: 9. Troubleshooting
9. Troubleshooting 9.1. Common errors with gprs/umts connection (even if gsm signal is good enough) following errors are common: sim missing check the sim card status in the interfaces → sims menu, turn off the unit, insert/re-insert the sim card and power up the unit again pin code required insert ...
Page 143
9.3.2. Log files information about boot-up process and about running processes can be found in the linux-like log files, see the system→ troubleshooting → system debugging menu . 143 © racom s.R.O. – mg102igprs/umts/hspa+/lte router troubleshooting.
Page 144: 10.1. Safety Instructions
10. Safety, environment, licensing 10.1. Safety instructions the m!Dge/mg102i wireless router must be used in compliance with any and all applicable interna- tional and national laws and in compliance with any special restrictions regulating the utilization of the communication module in prescribed ...
Page 145
10.1.2. Rohs and weee compliance the m!Dge/mg102i is fully compliant with the european commission‟s rohs (restriction of certain hazardous substances in electrical and electronic equipment) and weee (waste electrical and electronic equipment) environmental directives). Restriction of hazardous subst...
Page 146: 10.2. Country Of Origin
10.2. Country of origin country of origin declaration manufacturer: racom address: mirova 1283, 592 31 nove mesto na morave, czech republic vat no: cz46343423 we, the manufacturer, hereby declare that country of origin of all the gsm products and its accessories is the czech republic, eu. Nove mesto...
Page 147: 10.3. Warranty
10.3. Warranty racom-supplied parts or equipment ("equipment") is covered by warranty for inherently faulty parts and workmanship for a warranty period as stated in the delivery documentation from the date of dispatch to the customer. The warranty does not cover custom modifications to software. Dur...
Page 148: Appendix A. Glossary
Appendix a. Glossary apn access point name / access point node ce conformity of equipment according to eu rules cs coding scheme csd circuit switched data dhcp dynamic host configuration protocol dmz demilitarized zone dns domain name system edge enhanced data service for gsm evolution emc electroma...
Page 149
Ras remote access service (dial-in networking ppp) rohs restriction of hazardous substances sim subscriber identity module sw software tcp transmission control protocol tftp trivial file transfer protocol udp user datagram protocol umts universal mobile telecommunications system url universal resour...
Page 150: Index
Index a accessories, 19 antenna gsm/umts, 20 mounting, 22 authentication, 110 b basic setup, 21 brc com, 44 c certificates, 122 cli, 129 client e-mail, 96 com protocols, 42 command line interface, 129 configuration, 23 conformity, 144 connecting mg102i, 20 connectors antenna sma, 12 eth rj45, 13 scr...
Page 151
R redundancy, 106 reset, 116 rohs, 145 router, 7 routing, 61 s safety instructions, 144 serial port, 40 server dhcp, 93 dial-in, 84 dns proxy, 94 pptp, 82 ssh/telnet, 102 web, 105 services, 85 sim, 31 sim card, 20 sms, 99 snmp agent, 103 software update, 111 specification, 17 standards, 8 start, 6 s...
Page 152
152.
Page 153
Appendix b. Revision history 2012-10-09 revision 1.0 1st xml version 2013-10-09 revision 1.1 added section the section called “protocol server” 2014-03-26 country of origin revision 1.2 added section section 10.2, “country of origin” 2014-04-09 revision 1.3 complete manual revision for fw version 3....