M!DGE/MG102i. Application notes.

Size: px
Start display at page:

Download "M!DGE/MG102i. Application notes. www.racom.eu"

Transcription

1 Application notes. M!DGE/MG102i. version 2.1 4/11/2014 RACOM s.r.o. Mirova Nove MestonaMorave CzechRepublic Tel.: Fax:

2

3 Table of Contents 1. SCADA serial protocols over GPRS routers Static Addressing with M!DGE/MG102i router in the centre Static addressing with a IP gateway to mobile operator centre Dynamic addressing Hybrid GSM/Radio networks M!DGE/MG102i CENTRE A standalone M!DGE in the centre A leased line to GSM/UMTS network centre Backup of WAN by UMTS/HSPA Serial port SCADA protocols implementation GPRS and VHF/UHF radio data network combination Backup of WAN by UMTS/HSPA Basic M!DGE configuration Practical Test A. Revision History RACOM s.r.o. M!DGE/MG102i 3

4 4

5 1. SCADA serial protocols over GPRS routers How to handle SCADA applications which use serial interface over a GPRS/EDGE/UMTS mobile network, employing M!DGE/MG102i routers. In recent years, world of communication is ruled by the Internet Protocol stack and RS232 based interfaces are generally considered obsolete. Typical SCADA device life cycle is nevertheless long enough to guarantee demand for good old serial interfaces for several years from now. Common RS232 to TCP (UDP) converters can help in some cases by creating the required number of transparent peerto-peer connections from all remote serial ports to the corresponding (physical or virtual) ports in the data centre. However such solution requires a special routing arrangement in the centre, hence it is not always feasible. A typical SCADA Front End Processor (the central interface of the application to the communication network) uses a proprietary protocol over a single RS232 interface. Each message coming out from the FEP is addressed and should be delivered to the designated remote serial port. Certainly a transparent broadcasting to all remotes could do the job, making the service provider happy (assuming the resulting bills are paid). Obviously the proper solution is to transmitt the message to the destination addresss only. A SCADA serial protocol typically uses simple 8 or 16 bit addressing. The mobile network address scheme is an IP network, where the range is defined by the service provider (sometimes including individual addresses, even in the case of a private APN). Consequently a mechanism of translation between the SCADA and the IP addresses is required. To make things worse, IP addresses may be assigned to GPRS (EDGE, UMTS, etc.) devices dynamically upon each connection. This application note describes how to efficiently solve this problem using RACOM made routers. Three basic situations are described: a. The mobile network uses static IP addressing and the interfacing device to the SCADA centre is a GPRS router. Such scenario is suitable for small networks with tens of remote stations. b. The mobile network uses static IP addressing and the SCADA centre is connected to the network through a special IP gateway. This model can be used for networks with tens to hundreds remotes. c. The mobile network uses dynamic addressing for remote locations and a static address in the centre. Typically an IP gateway to mobile network is used in the centre and VPN tunnelling is employed. This design can be used for network of any size and it should be always used for large networks with hundreds or more remotes. All three scenarios require a special device in the centre to do the address translation for outgoing messages (the SCADA protocol address to the IP address/port pair). RACOM RipEX radio modem is used in the following examples, as it is the straightforward and most economical choice for the task. Moreover it opens the possibility to combine GPRS and private radios in one SCADA network (see Section 1.4, Hybrid GSM/Radio networks ). RACOM s.r.o. M!DGE/MG102i 5

6 1.1. Static Addressing with M!DGE/MG102i router in the centre Fig. 1.1: Typical layout of a GSM/UMTS network with static addresses Setting the RipEX (address translating router) The RipEX router in the centre wraps the complete incoming RS232 message into a UDP datagram, while reading the destination SCADA address and determining the respective IP address/udp port pair. The minimal required setting for this task is as follows: 6 M!DGE/MG102i RACOM s.r.o.

7 Menu Settings The following values have to be changed from the factory settings (the red framed fields in the picture above): The IP address and Mask of the Ethernet interface of RipEX - the address has to be in the same LAN with the connected M!DGE/MG102i router. COM 1 (or COM 2) interface. The setting of Baud rate, Data bits, Parity and Stop bits has to match the setting of the SCADA centre. Protocol at the respective COM has to be set according to the SCADA protocol used. Many SCADA protocols can be handled by the universal "UNI" protocol (see the Application Note UNI protocol). Setting of Protocol parameters The following is a typical example where the Modbus serial protocol is used: RACOM s.r.o. M!DGE/MG102i 7

8 Master mode of the protocol has to be always used in the centre. In a small network, a table will be typically used for translation between protocol and IP addresses. Fill in the Dec (or Hex) format of all SCADA addresses (one per line) and the corresponding IP addresses (static IP addresses of SIM cards used at the respective remote MG102i/M!DGEs). Each UDP port has to be the same as the Local UDP port set at the COM server at the respective remote M!DGE/MG102i router. Menu Routing The Gateway for the IP address range of all remote MG102i/M!DGEs has to be set to the IP address of the central M!DGE/MG102i (and it has to fall within the range assigned to the ETH Interface). 8 M!DGE/MG102i RACOM s.r.o.

9 Setting of the central M!DGE/MG102i router Seting of NAPT All incoming UDP datagrams from the mobile network (originated at the remote MG102i/M!DGEs) have to be sent to the IP address of RipEX router in the centre, to the UDP port number corresponding with the serial port where the SCADA centre is connected it normally is 8881 for COM 1 or 8882 for COM 2. The External port range has to contain all remote UDP ports set in the respective COM servers of remote MG102i/M!DGEs. RACOM s.r.o. M!DGE/MG102i 9

10 Setting of routing The Default GW (Destination , Netmask and Gateway ) has to be assigned to the WWAN1 Interface Setting of remote M!DGE/MG102i routers Setting of the serial interface The setting of the Serial port has to match the respective RTU serial port setting. 10 M!DGE/MG102i RACOM s.r.o.

11 Setting of the Device server The UDP raw protocol on the IP port shall be used. The Local UDP port has to correspond with the respective port number set in the address translation table in the central RipEX (see the section called Seting of NAPT.). The mobile interface IP address of the central M!DGE/MG102i shall be filled in the Remote IP field, the Remote Port shall be 8881 when COM 1 is used at the central RipEX, 8882 when it is COM 2. RACOM s.r.o. M!DGE/MG102i 11

12 Setting of the routing The Default GW (Destination , Netmask and Gateway ) has to be assigned to the WWAN1 Interface Static addressing with a IP gateway to mobile operator centre Fig. 1.2: Typical layout with IP gateway to a mobile operator centre 12 M!DGE/MG102i RACOM s.r.o.

13 Setting the RipEX (address translating router) The setting of the central RipEX is the same as described in the Section 1.1.1, Setting the RipEX (address translating router) chapter above. The only difference comes in the Routing menu, where the IP gateway address has to be set as the gateway for the IP address range of all remote MG102i/M!DGEs, instead of the central MG102i/M!DGE router address (there is no such central GPRS router in this layout). See Section 1.1.1, Setting the RipEX (address translating router) for details Requirements on the IP gateway provided by the mobile operator Some settings have to be done by the mobile operator. The necessary minimum has to meet the following two requirements: all UDP datagrams outgoing from the RipEX IP address have to be delivered to the IP addresses and the respective UDP ports of remote M!DGE/MG102i routers all UDP datagrams from the remote M!DGE/MG102i addresses have to be delivered to the IP address of the RipEX in the centre (with UDP ports 8881 or 8882) Settings required for Remote M!DGE/MG102i routers The settings are the same as described in the chapter Section 1.1.3, Setting of remote M!DGE/MG102i routers. The only difference is in the Remote IP field in the COM server setting (see Section 1.3.2, Setting the Ripex (address translating router).), where the IP address of the central RipEX shall be filled in Dynamic addressing When the IP addresses are assigned to remote M!DGE/MG102i routers dynamically, the simple static routing can not be used. Whenever a remote router establishes the connection to the GSM network, it receives a new IP address. In order to faciliate two way communication between remote and central serial ports, the M!DGE/MG102i routers support two standard types of VPN tunnels ( - IPsec ( and OpenVPN ( Upon every connection to the network, a remote router creates a tunnel to the VPN concentrator in the centre (remeber a static IP address in the centre is always required). Every time a tunnel is established, the routes to IP addresses/networks connected through it are added to the routing tables in the centre. The additional advantage of VPN tunnels is higher security of data transfered through the public network. The VPN concetrator in small networks with several remotes can run in the central GSM/UMTS router (with static IP address assigned), in large networks a specialized IP router (e.g. Cisco) is needed and a leased line connection to the operator's gateway is used (similarly to the arrangement described in the paragraph Section 1.2, Static addressing with a IP gateway to mobile operator centre above). RACOM s.r.o. M!DGE/MG102i 13

14 Fig. 1.3: Typical layout of a GSM/UMTS network with VPN tunnels VPN concentrator OpenVPN Since OpenVPN is based on universal network protocols (TCP and UDP), it is desirable alternative to IPsec when the operator's firewall blocks specific VPN protocols. OpenVPN works in multiclient-server arrangement a short description of configuration of an OpenVPN tunnel with M!DGE/MG102i follows. OpenVPN Server in M!DGE/MG102i A M!DGE/MG102i router can act as a VPN server for networks with up to 10 OpenVPN tunnel connections (up to 25 with Server Extension SW key); for larger networks a Linux or Windows based server should be used. 14 M!DGE/MG102i RACOM s.r.o.

15 Fig. 1.4: Typical layout of a small network The first step is enabling OpenVPN administration: Setting the Server of Tunnel 1: RACOM s.r.o. M!DGE/MG102i 15

16 Default values can be used. When root and server certicates are missing they have to be generated in the Keys & Certificates window; Manage keys and certificates link can be used as a shortcut. Use the Create button to generate the server certificates and keys. 16 M!DGE/MG102i RACOM s.r.o.

17 Important Time synchronisation of server and all clients is required - without the time synchronisation the OpenVPN tunnel cannot be established. You can use the central M!DGE as an NTP server - before establishing of tunnel only the static IP address of the central M!DGE is reachable. When there is a time server available within the GSM/GPRS network, it can be alternatively used. After successful generation you can check the certificates using the View link. You can also continue with setting of the OpenVPN using the Configure link. The available clients for the server are displayed at the bottom of the window. RACOM s.r.o. M!DGE/MG102i 17

18 In the Client Management window you can prepare configuration, certificates and keys for several clients. In the Networking menu, you can define the clients' networks or leave it empty. Each client can have its own network/mask. 18 M!DGE/MG102i RACOM s.r.o.

19 In the Routes menu, you can add networks which will be pushed into all clients' Routing menu so that matching packets will be routed back to the server. Routing between the clients can be enabled too. Expert mode files can be downloaded for all clients. Fill in the VPN server's IP address or a hostname. The downloaded zip file contains all configured clients' expert files. RACOM s.r.o. M!DGE/MG102i 19

20 20 M!DGE/MG102i RACOM s.r.o.

21 OpenVPN Client in M!DGE/MG102i The next step is setting the clients. First you need to set all the standard Ethernet settings (IP address, mask) and mobile connection. Configuring an OpenVPN client is straightforward. Enable the OpenVPN first: Then you can use expert mode of OpenVPN configuration upload the respective file generated by the server: Alternatively you can proceed step by step using standard configuration. Make sure that the respective settings of Server and Client match. RACOM s.r.o. M!DGE/MG102i 21

22 You can manualy upload client keys and certificates generated by server. 22 M!DGE/MG102i RACOM s.r.o.

23 Finally you can set any other route to the central LAN to the respective interface if you did not set it during the OpenVPN configuration process (e.g. TUN1 as in our example): RACOM s.r.o. M!DGE/MG102i 23

24 When the server and all clients are configured, the OpenVPN tunnels are ready. IPsec IPsec can be used in a network of any size. A dedicated router (or several routers) serve(s) as the VPN concentrator. The choice of vendor and type depends on the SLA requirements and the size of the network - RACOM has positive experience with Cisco routers (IOS or ASA based), however routers from other vendors (e.g. Juniper, Netgear, WatchGuard or others) can certainly be used. The following routers were used as IPsec VPN concentrators: M!DGE/MG102i - up to 4 tunnels Cisco 871-K9 up to 10 tunnels Cisco 1841-HSEC/ K9 up to 800 tunnels Please follow the instruction in the user manual of the specific router for IPsec tunnel settings. RACOM support team can assist you with basic settings for Cisco routers. A short description of the IPsec tunnel configuration in M!DGE/MG102i follows. 24 M!DGE/MG102i RACOM s.r.o.

25 IPsec configuration Fig. 1.5: Typical layout of a small network Both remote M!DGE/MG102i units in the example have dynamic mobile IP addresses. With IPsec, you have two possible configuration options: set the Center's Remote peer IP address to , or set the dynamic DNS service on every remote M!DGE/MG102i unit. Configuring remote M!DGE/MG102i units In case that you choose using the dynamic DNS functionality, read the following section how to configure it correctly. Thanks to the dynamic DNS, you can refer to the units by a hostname, which is always the same no matter what the current IP address is. Dynamic DNS Many dynamic DNS services are supported and some of them are paid and others are free. In our example, we created an account on the no-ip.com service. RACOM s.r.o. M!DGE/MG102i 25

26 After configuring it, enable DynDNS service in M!DGE/MG102i and wait for the service negotiation. Now you can reach a remote M!DGE/MG102i unit either via a dynamic IP address or via the hostname racom36.no-ip.biz. You should check this in the SYSTEM Troubleshooting Network debugging Ping menu. 26 M!DGE/MG102i RACOM s.r.o.

27 Now you have a working dynamic DNS and the units are reachable. Proceed with the IPsec configuration. IPsec configuration Go to the VPN IPsec Tunnel Configuration menu and create a new tunnel by pressing the + sign. In the General tab, fill in the IP address of Central M!DGE/MG102i and apply the changes. In the next tab IKE Proposal, choose the type pre-shared key and fill in this key into the PSK field. One possible option is to set Local and Remote ID via FQDN as on the example below. Other parameters can stay in defaults or change them accordingly. RACOM s.r.o. M!DGE/MG102i 27

28 In the third tab, you can stay with default values. In the last tab, configure the local and remote networks which you want to be interconnected via the IPsec tunnel. 28 M!DGE/MG102i RACOM s.r.o.

29 Return to the IPsec Administration menu and enable the IPsec tunnel. If you already configured the central M!DGE/MG102i, the tunnel will be established. If not, continue with the central M!DGE/MG102i settings. Configuring the central M!DGE/MG102i Central M!DGE/MG102i configuration is almost the same as the remote ones. Again add a new tunnel and configure the tunnel accordingly. All the parameters need to be same on both ends of the tunnel. In case you are using the dynamic DNS option on the remote M!DGE/MG102i units, fill in the particular hostname as the Remote Peer instead of the IP address. RACOM s.r.o. M!DGE/MG102i 29

30 If you are not using dynamic DNS feature, fill in the Remote Peer IP address with The IKE Proposal menu should be the same as in the client's configuration, only switch the Local and Remote IDs. 30 M!DGE/MG102i RACOM s.r.o.

31 You also need to switch the Local and Peer networks in the Networks tab. RACOM s.r.o. M!DGE/MG102i 31

32 Now you are done with IPsec configuration and you can enable it in the Administration menu. Note During the IPsec configuration, you will be prompted to decrease the MSS to 1360 Bytes. IPsec adds some overhead to each packet and this feature should be enabled. 32 M!DGE/MG102i RACOM s.r.o.

33 Connectivity test You have the desired connectivity now, you can test it in the SYSTEM Troubleshooting Network debugging Ping menu. Note If you need to add additional routing rules, you need to add it in the IPsec configuration. IPsec does not create a new interface (as OpenVPN) and so the basic static routing cannot be used Setting the Ripex (address translating router) Setting of the central follows the same steps as described in the chapter Section 1.1.1, Setting the RipEX (address translating router). The destination IP addresses in the translation table have to be the Eth interface addresses of the respective remote M!DGE/MG102i routers Setting a remote M!DGE/MG102i router Besides setting of the OpenVPN tunnel, the RS232 and COM server parameters have to be properly configured. The tunnel interface is the route to the central application. Please follow the instructions in chapters Section 1.1.2, Setting of the central M!DGE/MG102i router and Section 1.1.3, Setting of remote M!DGE/MG102i routers Hybrid GSM/Radio networks The RipEX in the position of the address translation centre can be simultaneously used as the central radio modem in a standard UHF/VHF network. RACOM s.r.o. M!DGE/MG102i 33

34 Router mode should be used. All SCADA protocol addresses are translated to the respective IP address/udp port pairs and the IP routing table in the RipEX decides whether the UDP datagram enters the GSM or UHF/VHF radio network. Please check the RipEX manual for detailed information on the configuration. 34 M!DGE/MG102i RACOM s.r.o.

35 M!DGE/MG102i CENTRE 2. M!DGE/MG102i CENTRE This document is intended to be a support material for RACOM sales department. A detailed Application Note shall be written to provide assistance with a concrete technical solution; do not hesitate to ask RACOM TS for help with a specific solution of a project :-) Please note that while terms SCADA CENTRE and RTU are used in following pictures, the arrangements described apply to any application devices (like ATMs, lottery terminals, surveillance cameras,...) with the same type of interface (Eth or serial). Since the serial connection is discussed in the application note Chapter 1, SCADA serial protocols over GPRS routers, we concentrate on Eth-based applications in this document A standalone M!DGE in the centre This simple and easy solution is feasible for small networks with up to about 20 M!DGEs. Note that the centre reliability in this arrangement is limited by the reliability of the GPRS/UMTS service in the central location Central M!DGE static addresses Static IP addresses are required for all SIM cards. RACOM s.r.o. M!DGE/MG102i 35

36 M!DGE/MG102i CENTRE Central M!DGE VPN tunnels Static IP address is necessary for Central SIM card only - all others may use dynamic IP addresses. VPN Tunnels have to be initialised from remotes to the centre. The Midge in the centre is capable to simultaneously handle maximum 10 OpenVPN tunnels and 4 IPsec tunnels. I.e. max. 10 remotes for one application and another 4 for the 2 nd application. When a higher number of tunnels (i.e. a higher number of remote units) are required, a VPN concentrator has to be added - a special router (e.g. CISCO) for IPsec tunnels, an ordinary PC (Linux or Windows) for OpenVPN tunnels. 36 M!DGE/MG102i RACOM s.r.o.

37 M!DGE/MG102i CENTRE Redundant M!DGE in centre VPN tunnels only Two M!DGEs with virtual router protocol (VRRP) can be used. The VRRP (one virtual IP) is active for local LAN, Two independent static SIM IPs (one for each Midge) are used for GPRS network. OpenVPN (not the IPsec) is recommended for this scenario. RACOM s.r.o. M!DGE/MG102i 37

38 M!DGE/MG102i CENTRE This solution increases the reliability of centre in terms of HW. A redundant VPN concentrator (cluster) solution may be used to further improve the reliability. However a leased line to the GSM operator centre is more reliable solution and it is recommended whenever the reliability of the network really matters. (see Section 2.2, A leased line to GSM/UMTS network centre ) 2.2. A leased line to GSM/UMTS network centre This scenario is feasible for networks with any number of remote sites. A leased line normally provides a better reliability than a wireless GPRS/UMTS connection and its capacity is not limited by the GSM technology available at the centre location. The leased line connects the SCADA centre directly to the operator's CORE WAN. Sometimes it can be substituted by an Internet connection between the SCADA centre and the operator's centre Leased line connection static addresses Static IP addresses for all SIM cards are required. 38 M!DGE/MG102i RACOM s.r.o.

39 M!DGE/MG102i CENTRE Leased line connection VPN tunnels The static IP address in the centre is used, the SIM cards in remote M!DGEs may have static or dynamic IP addresses. A VPN concentrator has to be used - a special router (e.g. CISCO) for IPsec tunnels, an ordinary PC (Linux or Windows) for OpenVPN tunnels. The redundant VPN concentrator (cluster) solution may be used for higher reliability Redundant connection of remotes using two different GSM providers Dual SIM MG102i When the primary provider network fails, traffic is automatically switched to the second provider. Even with a single provider, two independent Access Point Names can be used to improve overall reliability. RACOM s.r.o. M!DGE/MG102i 39

40 M!DGE/MG102i CENTRE The fully redundant solution of the centre is possible as follows: Remote redundancy with two M!DGEs with VRRP - this solution can handle both the network service failure and the M!DGE router (+ antenna installation) HW fault(s). 40 M!DGE/MG102i RACOM s.r.o.

41 M!DGE/MG102i CENTRE A fully redundant solution for both the centre and remote locations is certainly possible. RACOM s.r.o. M!DGE/MG102i 41

42 M!DGE/MG102i CENTRE 2.3. Backup of WAN by UMTS/HSPA Under normal circumstances, VPN tunnels between remote and central M!DGEs are established over the WAN network. When the WAN fails, the traffic from/to the respective remote M!DGE is automatically redirected to the mobile network Serial port SCADA protocols implementation Point to multipoint communication SCADA protocols on serial interface use proprietary addressing. Since IP addresses have to be used in the GPRS network, a translation between the SCADA addresses on serial port and IP addresses is required. Additional equipment (e.g. a RipEX) is therefore needed in the centre. The RipEX in the centre wraps serial data into UDP datagrams and sends them to the respective IP destination addresses according to the rules set for the SCADA to IP address translation. The remote M!DGEs receive these datagrams, unwrap the serial data and send it to their respective serial interfaces. Remote units use the Com server and send all data from serial interface, wrapped in UDP datagrams, to the central static IP address (VPN tunnels can be used). The central RipEX receives these datagrams, unwraps the serial data and sends it to the SCADA centre. Note that the arrangements described in Section 2.1, A standalone M!DGE in the centre and Section 2.2, A leased line to GSM/UMTS network centre apply also to the serial SCADA protocols. 42 M!DGE/MG102i RACOM s.r.o.

43 M!DGE/MG102i CENTRE For detail information se Section 1.1, Static Addressing with M!DGE/MG102i router in the centre Point to point communication When a simple point-to-point link between two serial port SCADA devices is needed, no extra equipment (RipEX) is necessary. M!DGE routers at both ends of the link use the same configuration as the remote ones in point-to-multipoint scenario above. The Com servers are used for serial data to UDP datagram conversion. At least one of the M!DGEs has to have a static IP address, while the other can have a dynamically assigned one - a VPN tunnel has to be used then Section 2.1.2, Central M!DGE VPN tunnels. RACOM s.r.o. M!DGE/MG102i 43

44 M!DGE/MG102i CENTRE 2.5. GPRS and VHF/UHF radio data network combination The picture above describes an arrangement, where part of the remote sites is connected over a private UHF/VHF radio network (e.g. sites requiring 99.9% availability) and the remaining sites are connected over a GPRS public network (e.g. distant, isolated locations where it would be uneconomical to extend the radio coverage to). The M!DGE part functionality and settings are the same as described in the Section 2.4.1, Point to multipoint communication. Then the RipEX serving as the master of the radio part interfaces the SCADA centre, performs the serial data conversion (when needed) and then decides whether a UDP datagram enters the GSM or the UHF/VHF radio network. Please check the RipEX manual for detailed information about the radio network settings. 44 M!DGE/MG102i RACOM s.r.o.

45 Backup of WAN by UMTS/HSPA 3. Backup of WAN by UMTS/HSPA Under typical circumstances, VPN tunnels between central M!DGE and other routers are established over the WAN network. When the WAN fails, traffic to/from the respective remote router is automatically redirected to the cellular network. Fig. 3.1: Typical topology diagram 3.1. Basic M!DGE configuration RACOM s.r.o. M!DGE/MG102i 45

46 Backup of WAN by UMTS/HSPA M!DGE is connected via the WAN network using its LAN2 interface. The WWAN1 link (cellular network) is down and the IPsec VPN connection is already established. To achieve this, several steps must be performed Ethernet Ports In the example, the first port (LAN1) is used for the local subnet /24 and the WAN port (LAN2) is configured with an IP address /24. See the following pictures for the details. 46 M!DGE/MG102i RACOM s.r.o.

47 Backup of WAN by UMTS/HSPA Cellular Network Note See the M!DGE manual 1 for configuration details VPN Tunnel Configure and enable the IPsec (or OpenVPN) tunnel to the remote peer. In the example, the local network is /24 and remote networks are /24 and / WAN Configuration In the Link Management menu, configure the LAN2 interface as the permanent and primary option. Set the WWAN interface as its backup. The Establishment mode can be either set to on switchover (to be connected only when the permanent link is not active) or permanent (to be connected all the time it is used for the quicker link switching). 1 RACOM s.r.o. M!DGE/MG102i 47

48 Backup of WAN by UMTS/HSPA Another step is configuring the Supervision feature. The Supervision enables M!DGE to control the link switching procedure. In our example, M!DGE checks the connection by executing the ping packets to the host on the IP address , which should be reachable via Internet. If five consecutive ping packets are unsuccessful, the link is considered down and is switched. If there is no connectivity for 30 minutes, the unit is rebooted as a result of the Emergency action. 48 M!DGE/MG102i RACOM s.r.o.

49 Backup of WAN by UMTS/HSPA 3.2. Practical Test Now you should be connected via the primary WAN link (LAN2). The easiest way to test the switching is to unplug the ETH cable from the LAN2 interface. M!DGE almost immediately recognizes the unplugged cable and it switches to the cellular network. The VPN tunnel should also be reestablished. Note You can test the connectivity by issuing a ping to any desired IP address (e.g. behind the VPN tunnel) in the SYSTEM Troubleshooting Network debugging menu. Plug the cable back into the LAN2 interface and wait a moment for the M!DGE to reestablish the primary connection again. You can also check the Supervision feature. Example 3.1. Cellular connection Fill in both host IP addresses in the Supervision menu. One needs to be reachable only via the cellular network and the other one only via the WAN network. Turn off the server with an IP address reachable via the WAN network. The active connection should be changed to the cellular network. Turn on the server again and see the link switch back to the primary one. RACOM s.r.o. M!DGE/MG102i 49

50 Revision History Appendix A. Revision History Revision 1.0 First issue Revision Added Chapter 2, M!DGE/MG102i CENTRE Revision Added Chapter 3, Backup of WAN by UMTS/HSPA Revision Updated according to M!DGE/MG102i FW 50 M!DGE/MG102i RACOM s.r.o.

Technical Notes TN 1 - ETG 3000. FactoryCast Gateway TSX ETG 3021 / 3022 modules. How to Setup a GPRS Connection?

Technical Notes TN 1 - ETG 3000. FactoryCast Gateway TSX ETG 3021 / 3022 modules. How to Setup a GPRS Connection? FactoryCast Gateway TSX ETG 3021 / 3022 modules How to Setup a GPRS Connection? 1 2 Table of Contents 1- GPRS Overview... 4 Introduction... 4 GPRS overview... 4 GPRS communications... 4 GPRS connections...

More information

TK800-Series Industrial GPRS / UMTS / LTE Router

TK800-Series Industrial GPRS / UMTS / LTE Router The new generation LTE with 100 Mbps LTE standard for high transmission rates and good network coverage in sparsely populated areas Dynamic Multipoint VPN GRE, L2TP, IPSec, DMVPN, OpenVPN Simple and fast

More information

UIP1868P User Interface Guide

UIP1868P User Interface Guide UIP1868P User Interface Guide (Firmware version 0.13.4 and later) V1.1 Monday, July 8, 2005 Table of Contents Opening the UIP1868P's Configuration Utility... 3 Connecting to Your Broadband Modem... 4 Setting

More information

Using Remote Desktop Software with the LAN-Cell

Using Remote Desktop Software with the LAN-Cell Using Remote Desktop Software with the LAN-Cell Technote LCTN0010 Proxicast, LLC 312 Sunnyfield Drive Suite 200 Glenshaw, PA 15116 1-877-77PROXI 1-877-777-7694 1-412-213-2477 Fax: 1-412-492-9386 E-Mail:

More information

Configuring an IPSec Tunnel between a Firebox & a Check Point FireWall-1

Configuring an IPSec Tunnel between a Firebox & a Check Point FireWall-1 Configuring an IPSec Tunnel between a Firebox & a Check Point FireWall-1 This document describes how to configure an IPSec tunnel with a WatchGuard Firebox II or Firebox III (software version 4.5 or later)

More information

Chapter 2 Connecting the FVX538 to the Internet

Chapter 2 Connecting the FVX538 to the Internet Chapter 2 Connecting the FVX538 to the Internet Typically, six steps are required to complete the basic connection of your firewall. Setting up VPN tunnels are covered in Chapter 5, Virtual Private Networking.

More information

Innominate mguard Version 6

Innominate mguard Version 6 Innominate mguard Version 6 Configuration Examples mguard smart mguard PCI mguard blade mguard industrial RS EAGLE mguard mguard delta Innominate Security Technologies AG Albert-Einstein-Str. 14 12489

More information

H0/H2/H4 -ECOM100 DHCP & HTML Configuration. H0/H2/H4--ECOM100 DHCP Disabling DHCP and Assigning a Static IP Address Using HTML Configuration

H0/H2/H4 -ECOM100 DHCP & HTML Configuration. H0/H2/H4--ECOM100 DHCP Disabling DHCP and Assigning a Static IP Address Using HTML Configuration H0/H2/H4 -ECOM100 DHCP & HTML 6 H0/H2/H4--ECOM100 DHCP Disabling DHCP and Assigning a Static IP Address Using HTML 6-2 H0/H2/H4 -ECOM100 DHCP DHCP Issues The H0/H2/H4--ECOM100 is configured at the factory

More information

Chapter 6 Virtual Private Networking

Chapter 6 Virtual Private Networking Chapter 6 Virtual Private Networking This chapter describes how to use the virtual private networking (VPN) features of the FVX538 VPN firewall. VPN tunnels provide secure, encrypted communications between

More information

Technology Spotlight on Cellular Data Networking for SCADA system networks. Presented by Teamwork Solutions, Inc.

Technology Spotlight on Cellular Data Networking for SCADA system networks. Presented by Teamwork Solutions, Inc. on Cellular Data Networking for SCADA system networks Presented by Teamwork Solutions, Inc. Wireless (Cellular) Data Networking Internet SCADA Server How Wireless (Cellular) Data Networking Works Dynamic

More information

TK700 +70 C -25 C 95% RH EMC TK701G TK701U TK704G TK704U TK704W. TK-Series Cellular Router

TK700 +70 C -25 C 95% RH EMC TK701G TK701U TK704G TK704U TK704W. TK-Series Cellular Router +70 C -25 C 95% RH EMC TK701G TK701U TK704G TK704U TK704W The industrial 2G GPRS- and 3G UMTS routers offered by Welotec enables the access to Ethernet devices or a local network remotely via mobile network

More information

Broadband Phone Gateway BPG510 Technical Users Guide

Broadband Phone Gateway BPG510 Technical Users Guide Broadband Phone Gateway BPG510 Technical Users Guide (Firmware version 0.14.1 and later) Revision 1.0 2006, 8x8 Inc. Table of Contents About your Broadband Phone Gateway (BPG510)... 4 Opening the BPG510's

More information

WAN Failover Scenarios Using Digi Wireless WAN Routers

WAN Failover Scenarios Using Digi Wireless WAN Routers WAN Failover Scenarios Using Digi Wireless WAN Routers This document discusses several methods for using a Digi wireless WAN gateway to provide WAN failover for IP connections in conjunction with another

More information

Lab 4.4.8a Configure a Cisco GRE over IPSec Tunnel using SDM

Lab 4.4.8a Configure a Cisco GRE over IPSec Tunnel using SDM Lab 4.4.8a Configure a Cisco GRE over IPSec Tunnel using SDM Objective Scenario Topology In this lab, the students will complete the following tasks: Prepare to configure Virtual Private Network (VPN)

More information

1 PC to WX64 direction connection with crossover cable or hub/switch

1 PC to WX64 direction connection with crossover cable or hub/switch 1 PC to WX64 direction connection with crossover cable or hub/switch If a network is not available, or if it is desired to keep the WX64 and PC(s) completely separated from other computers, a simple network

More information

CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC

CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC 1 Introduction Release date: 11/12/2003 This application note details the steps for creating an IKE IPSec VPN tunnel

More information

User Manual Revision 1.400 English Converter / Adapter Ethernet to RS232 / RS485 (Order Code: HD67038-2 HD67038-2-M HD67038-25 HD67038-25-M)

User Manual Revision 1.400 English Converter / Adapter Ethernet to RS232 / RS485 (Order Code: HD67038-2 HD67038-2-M HD67038-25 HD67038-25-M) Document code: MN67038-2_ENG Revision 1.400 Page 1 of 25 User Manual Revision 1.400 English Converter / Adapter Ethernet to RS232 / RS485 (Order Code: HD67038-2 HD67038-2-M HD67038-25 HD67038-25-M) for

More information

Multi-Homing Dual WAN Firewall Router

Multi-Homing Dual WAN Firewall Router Multi-Homing Dual WAN Firewall Router Quick Installation Guide M73-APO09-400 Multi-Homing Dual WAN Firewall Router Overview The Multi-Homing Dual WAN Firewall Router provides three 10/100Mbit Ethernet

More information

Talk2M ewon Internet Connection How To

Talk2M ewon Internet Connection How To AUG: 003 Rev.: 1.0 How To GPRS Contents: This guide will explain how to set up the Internet connection of your ewon for the Talk2M connection. Table of Contents 1. Hardware and software requirements...

More information

Configure an IPSec Tunnel between a Firebox Vclass & a Check Point FireWall-1

Configure an IPSec Tunnel between a Firebox Vclass & a Check Point FireWall-1 Configure an IPSec Tunnel between a Firebox Vclass & a Check Point FireWall-1 This document describes how to configure an IPSec tunnel between a WatchGuard Firebox Vclass appliance (Vcontroller version

More information

Debugging Network Communications. 1 Check the Network Cabling

Debugging Network Communications. 1 Check the Network Cabling Debugging Network Communications Situation: you have a computer and your NetBurner device on a network, but you cannot communicate between the two. This application note provides a set of debugging steps

More information

Appendix C Network Planning for Dual WAN Ports

Appendix C Network Planning for Dual WAN Ports Appendix C Network Planning for Dual WAN Ports This appendix describes the factors to consider when planning a network using a firewall that has dual WAN ports. This appendix contains the following sections:

More information

3.1 RS-232/422/485 Pinout:PORT1-4(RJ-45) RJ-45 RS-232 RS-422 RS-485 PIN1 TXD PIN2 RXD PIN3 GND PIN4 PIN5 T+ 485+ PIN6 T- 485- PIN7 R+ PIN8 R-

3.1 RS-232/422/485 Pinout:PORT1-4(RJ-45) RJ-45 RS-232 RS-422 RS-485 PIN1 TXD PIN2 RXD PIN3 GND PIN4 PIN5 T+ 485+ PIN6 T- 485- PIN7 R+ PIN8 R- MODEL ATC-2004 TCP/IP TO RS-232/422/485 CONVERTER User s Manual 1.1 Introduction The ATC-2004 is a 4 Port RS232/RS485 to TCP/IP converter integrated with a robust system and network management features

More information

Chapter 4 Customizing Your Network Settings

Chapter 4 Customizing Your Network Settings Chapter 4 Customizing Your Network Settings This chapter describes how to configure advanced networking features of the RangeMax Dual Band Wireless-N Router WNDR3300, including LAN, WAN, and routing settings.

More information

Configuring a VPN for Dynamic IP Address Connections

Configuring a VPN for Dynamic IP Address Connections Configuring a VPN for Dynamic IP Address Connections Summary A Virtual Private Network (VPN) is a virtual private network that interconnects remote (and often geographically separate) networks through

More information

Configuring a Check Point FireWall-1 to SOHO IPSec Tunnel

Configuring a Check Point FireWall-1 to SOHO IPSec Tunnel Configuring a Check Point FireWall-1 to SOHO IPSec Tunnel This document describes the procedures required to configure an IPSec VPN tunnel between a WatchGuard SOHO or SOHO tc and a Check Point FireWall-1.

More information

Quick Note 20. Configuring a GRE tunnel over an IPSec tunnel and using BGP to propagate routing information. (GRE over IPSec with BGP)

Quick Note 20. Configuring a GRE tunnel over an IPSec tunnel and using BGP to propagate routing information. (GRE over IPSec with BGP) Quick Note 20 Configuring a GRE tunnel over an IPSec tunnel and using BGP to propagate routing information. (GRE over IPSec with BGP) Appendix A GRE over IPSec with Static routes UK Support August 2012

More information

Guideline for setting up a functional VPN

Guideline for setting up a functional VPN Guideline for setting up a functional VPN Why do I want a VPN? VPN by definition creates a private, trusted network across an untrusted medium. It allows you to connect offices and people from around the

More information

Multi-Homing Security Gateway

Multi-Homing Security Gateway Multi-Homing Security Gateway MH-5000 Quick Installation Guide 1 Before You Begin It s best to use a computer with an Ethernet adapter for configuring the MH-5000. The default IP address for the MH-5000

More information

Windows XP VPN Client Example

Windows XP VPN Client Example Windows XP VPN Client Example Technote LCTN0007 Proxicast, LLC 312 Sunnyfield Drive Suite 200 Glenshaw, PA 15116 1-877-77PROXI 1-877-777-7694 1-412-213-2477 Fax: 1-412-492-9386 E-Mail: support@proxicast.com

More information

Accessing Remote Devices via the LAN-Cell 2

Accessing Remote Devices via the LAN-Cell 2 Accessing Remote Devices via the LAN-Cell 2 Technote LCTN0017 Proxicast, LLC 312 Sunnyfield Drive Suite 200 Glenshaw, PA 15116 1-877-77PROXI 1-877-777-7694 1-412-213-2477 Fax: 1-412-492-9386 E-Mail: support@proxicast.com

More information

VPN Configuration of ProSafe VPN Lite software and NETGEAR ProSafe Router:

VPN Configuration of ProSafe VPN Lite software and NETGEAR ProSafe Router: Page 1 of 8 VPN Configuration of ProSafe VPN Lite software and NETGEAR ProSafe Router: This document will guide you on how to create IKE and auto-vpn policies for your ProSafe NETGEAR Router, as well as

More information

Digicom Remote Control for the SRT

Digicom Remote Control for the SRT Digicom Remote Control for the SRT To operate the SRT remotely, use Remote Desktop; this is available free for Linux, Mac OS-X (from Microsoft), and is included with Windows XP and later. As RD uses a

More information

LAN-Cell to Cisco Tunneling

LAN-Cell to Cisco Tunneling LAN-Cell to Cisco Tunneling Page 1 of 13 LAN-Cell to Cisco Tunneling This Tech Note guides you through setting up a VPN connection between a LAN-Cell and a Cisco router. As the figure below shows, the

More information

The Industrial Wireless Book - Articles TECHNICAL ARTICLE: USING GPRS TO CONNECT SMALL, OUTLYING STATIONS

The Industrial Wireless Book - Articles TECHNICAL ARTICLE: USING GPRS TO CONNECT SMALL, OUTLYING STATIONS Page 1 of 6 Print this Page Close this Window TECHNICAL ARTICLE: USING GPRS TO CONNECT SMALL, OUTLYING STATIONS Process monitoring and control for electricity distribution grids until now has been available

More information

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Firewall VPN Router. Quick Installation Guide M73-APO09-380 Firewall VPN Router Quick Installation Guide M73-APO09-380 Firewall VPN Router Overview The Firewall VPN Router provides three 10/100Mbit Ethernet network interface ports which are the Internal/LAN, External/WAN,

More information

Viewing VPN Status, page 335. Configuring a Site-to-Site VPN, page 340. Configuring IPsec Remote Access, page 355

Viewing VPN Status, page 335. Configuring a Site-to-Site VPN, page 340. Configuring IPsec Remote Access, page 355 VPN This chapter describes how to configure Virtual Private Networks (VPNs) that allow other sites and remote workers to access your network resources. It includes the following sections: About VPNs, page

More information

SSL-VPN 200 Getting Started Guide

SSL-VPN 200 Getting Started Guide Secure Remote Access Solutions APPLIANCES SonicWALL SSL-VPN Series SSL-VPN 200 Getting Started Guide SonicWALL SSL-VPN 200 Appliance Getting Started Guide Thank you for your purchase of the SonicWALL SSL-VPN

More information

CONFIGURATION MANUAL. for v2 routers

CONFIGURATION MANUAL. for v2 routers CONFIGURATION MANUAL for v2 routers USED SYMBOLS Used symbols Danger important notice, which may have an influence on the user s safety or the function of the device. Attention notice on possible problems,

More information

How To Configure An Ipsec Tunnel On A Network With A Network Gateways (Dfl-800) On A Pnet 2.5V2.5 (Dlf-600) On An Ipse 2.0.5 Vpn

How To Configure An Ipsec Tunnel On A Network With A Network Gateways (Dfl-800) On A Pnet 2.5V2.5 (Dlf-600) On An Ipse 2.0.5 Vpn - Network topology WAN IP: 9.68.0.3/4 DFL-800 LAN IP: 9.68.3./4 WAN Static IP: 9.68.0.4/4 Remote LAN Internal LAN IP: 9.68.3.0/4 DFL-600 LAN IP: 9.68../4 PC IP: 9.68.3.00/4 Internal LAN IP: 9.68..0/4 PC

More information

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding This chapter describes the configuration for the SSL VPN Tunnel Client and for Port Forwarding. When a remote user accesses the SSL VPN

More information

Chapter 7 Troubleshooting

Chapter 7 Troubleshooting Chapter 7 Troubleshooting This chapter provides troubleshooting tips and information for your ProSafe VPN Firewall 200. After each problem description, instructions are provided to help you diagnose and

More information

VPN Configuration Guide. Linksys (Belkin) LRT214 / LRT224 Gigabit VPN Router

VPN Configuration Guide. Linksys (Belkin) LRT214 / LRT224 Gigabit VPN Router VPN Configuration Guide Linksys (Belkin) LRT214 / LRT224 Gigabit VPN Router 2014 equinux AG and equinux USA, Inc. All rights reserved. Under copyright law, this manual may not be copied, in whole or in

More information

IP Address and Pre-configuration Information

IP Address and Pre-configuration Information IP Address and Pre-configuration Information Ethernet Connectivity: Connect your workstation or device to the Digi Cellular Device via one of these methods: Direct from workstation to Digi Cellular Device

More information

SURF Feed Connection Guide

SURF Feed Connection Guide SURF Feed Connection Guide Tullett Prebon Information Ltd A wholly owned subsidiary of Tullett Prebon Version 6.0 3 rd August 2005 Contents 1. Introduction...3 1.1 General...3 2. Connectivity via the Internet...4

More information

VPN Tracker for Mac OS X

VPN Tracker for Mac OS X VPN Tracker for Mac OS X How-to: Interoperability with WatchGuard Firebox Internet Security Appliances Rev. 4.0 Copyright 2003-2005 equinux USA Inc. All rights reserved. 1. Introduction 1. Introduction

More information

User s Manual TCP/IP TO RS-232/422/485 CONVERTER. 1.1 Introduction. 1.2 Main features. Dynamic DNS

User s Manual TCP/IP TO RS-232/422/485 CONVERTER. 1.1 Introduction. 1.2 Main features. Dynamic DNS MODEL ATC-2000 TCP/IP TO RS-232/422/485 CONVERTER User s Manual 1.1 Introduction The ATC-2000 is a RS232/RS485 to TCP/IP converter integrated with a robust system and network management features designed

More information

MAX T1/E1. Quick Start Guide. VoIP Gateway. Version 1.0

MAX T1/E1. Quick Start Guide. VoIP Gateway. Version 1.0 MAX T1/E1 TM VoIP Gateway Quick Start Guide Version 1.0 Contents INTRODUCTION 1 Hardware Needed Software Needed 1 1 NET2PHONE MAX SET UP Hardware Set Up Software Set Up Set Up Internet Protocol (IP) Address

More information

1:1 NAT in ZeroShell. Requirements. Overview. Network Setup

1:1 NAT in ZeroShell. Requirements. Overview. Network Setup 1:1 NAT in ZeroShell Requirements The version of ZeroShell used for writing this document is Release 1.0.beta11. This document does not describe installing ZeroShell, it is assumed that the user already

More information

Chapter 4 Customizing Your Network Settings

Chapter 4 Customizing Your Network Settings . Chapter 4 Customizing Your Network Settings This chapter describes how to configure advanced networking features of the Wireless-G Router Model WGR614v9, including LAN, WAN, and routing settings. It

More information

Innominate mguard Version 7.0 Configuration Examples

Innominate mguard Version 7.0 Configuration Examples Innominate mguard Version 7.0 Configuration Examples mguard smart mguard centerport mguard blade mguard industrial RS mguard PCI mguard delta Innominate Security Technologies AG Rudower Chaussee 13 12489

More information

Digi Connect WAN Application Helper Configuring and Testing the Digi Connect WAN GSM

Digi Connect WAN Application Helper Configuring and Testing the Digi Connect WAN GSM Digi Connect WAN Application Helper Configuring and Testing the Digi Connect WAN GSM IP Address and Pre-configuration Information Ethernet Connectivity: Connect your workstation or device to the Digi Connect

More information

Quick Note 53. Ethernet to W-WAN failover with logical Ethernet interface.

Quick Note 53. Ethernet to W-WAN failover with logical Ethernet interface. Quick Note 53 Ethernet to W-WAN failover with logical Ethernet interface. Digi Support August 2015 1 Contents 1 Introduction... 2 1.1 Introduction... 2 1.2 Assumptions... 3 1.3 Corrections... 3 2 Version...

More information

Workflow Guide. Establish Site-to-Site VPN Connection using RSA Keys. For Customers with Sophos Firewall Document Date: November 2015

Workflow Guide. Establish Site-to-Site VPN Connection using RSA Keys. For Customers with Sophos Firewall Document Date: November 2015 Workflow Guide Establish Site-to-Site VPN Connection using RSA Keys For Customers with Sophos Firewall Document Date: November 2015 November 2015 Page 1 of 10 Establish Site-to-Site VPN Connection using

More information

Pre-lab and In-class Laboratory Exercise 10 (L10)

Pre-lab and In-class Laboratory Exercise 10 (L10) ECE/CS 4984: Wireless Networks and Mobile Systems Pre-lab and In-class Laboratory Exercise 10 (L10) Part I Objectives and Lab Materials Objective The objectives of this lab are to: Familiarize students

More information

Using a Sierra Wireless AirLink Raven X or Raven-E with a Cisco Router Application Note

Using a Sierra Wireless AirLink Raven X or Raven-E with a Cisco Router Application Note Using a Sierra Wireless AirLink Raven X or Raven-E with a Application Note Cisco routers deliver the performance, availability, and reliability required for scaling mission-critical business applications

More information

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials. Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials. CHAPTER 5 OBJECTIVES Configure a router with an initial configuration. Use the

More information

Configuring TheGreenBow VPN Client with a TP-LINK VPN Router

Configuring TheGreenBow VPN Client with a TP-LINK VPN Router Configuring TheGreenBow VPN Client with a TP-LINK VPN Router This chapter describes how to configure TheGreenBow VPN Client with a TP-LINK router. This chapter includes the following sections: Example

More information

Using Remote Desktop Software with the LAN-Cell 3

Using Remote Desktop Software with the LAN-Cell 3 Using Remote Desktop Software with the LAN-Cell 3 Technote LCTN3010 Proxicast, LLC 312 Sunnyfield Drive Suite 200 Glenshaw, PA 15116 1-877-77PROXI 1-877-777-7694 1-412-213-2477 Fax: 1-412-492-9386 E-Mail:

More information

Digi Connect WAN Application Helper NAT, GRE, ESP and TCP/UPD Forwarding and IP Filtering

Digi Connect WAN Application Helper NAT, GRE, ESP and TCP/UPD Forwarding and IP Filtering Introduction Digi Connect Application Helper NAT, GRE, ESP and TCP/UPD Forwarding and IP Filtering The Digi Connect supports five features which provide security and IP traffic forwarding when using incoming

More information

PC/POLL SYSTEMS Version 7 Polling SPS2000 Cash Register TCP/IP Communications

PC/POLL SYSTEMS Version 7 Polling SPS2000 Cash Register TCP/IP Communications PC/POLL SYSTEMS Version 7 Polling SPS2000 Cash Register TCP/IP Communications PC/POLL SYSTEMS supports native TCP/IP polling for the SPS2000 cash register. It is recommended users have the register updated

More information

your Gateway Windows network installationguide 802.11b wireless series Router model WBR-100 Configuring Installing

your Gateway Windows network installationguide 802.11b wireless series Router model WBR-100 Configuring Installing your Gateway Windows network installationguide 802.11b wireless series Router model WBR-100 Installing Configuring Contents 1 Introduction...................................................... 1 Features...........................................................

More information

Smart Tips. Enabling WAN Load Balancing. Key Features. Network Diagram. Overview. Featured Products. WAN Failover. Enabling WAN Load Balancing Page 1

Smart Tips. Enabling WAN Load Balancing. Key Features. Network Diagram. Overview. Featured Products. WAN Failover. Enabling WAN Load Balancing Page 1 Smart Tips Enabling WAN Load Balancing Overview Many small businesses today use broadband links such as DSL or Cable, favoring them over the traditional link such as T1/E1 or leased lines because of the

More information

Chapter 6 Basic Virtual Private Networking

Chapter 6 Basic Virtual Private Networking Chapter 6 Basic Virtual Private Networking This chapter describes how to use the virtual private networking (VPN) features of the FVG318 wireless VPN firewall. VPN communications paths are called tunnels.

More information

Initial Access and Basic IPv4 Internet Configuration

Initial Access and Basic IPv4 Internet Configuration Initial Access and Basic IPv4 Internet Configuration This quick start guide provides initial and basic Internet (WAN) configuration information for the ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N

More information

LAB THREE STATIC ROUTING

LAB THREE STATIC ROUTING LAB THREE STATIC ROUTING In this lab you will work with four different network topologies. The topology for Parts 1-4 is shown in Figure 3.1. These parts address router configuration on Linux PCs and a

More information

Configure IPSec VPN Tunnels With the Wizard

Configure IPSec VPN Tunnels With the Wizard Configure IPSec VPN Tunnels With the Wizard This quick start guide provides basic configuration information about setting up IPSec VPN tunnels by using the VPN Wizard on the ProSafe Wireless-N 8-Port Gigabit

More information

Barracuda Link Balancer

Barracuda Link Balancer Barracuda Networks Technical Documentation Barracuda Link Balancer Administrator s Guide Version 2.2 RECLAIM YOUR NETWORK Copyright Notice Copyright 2004-2011, Barracuda Networks www.barracuda.com v2.2-110503-01-0503

More information

1. MOXA NPort Express TCP/IP to RS-232 server

1. MOXA NPort Express TCP/IP to RS-232 server GS_GSR_GCR_UserManual_App_E_MOXA_V01.doc / 17.08.2009 GeoSIG Ltd. Appendix E Page E-1 1. MOXA NPort Express TCP/IP to RS-232 server 1.1. General Explanations The NPort Express RS-232/422/485 Device server

More information

5.0 Network Architecture. 5.1 Internet vs. Intranet 5.2 NAT 5.3 Mobile Network

5.0 Network Architecture. 5.1 Internet vs. Intranet 5.2 NAT 5.3 Mobile Network 5.0 Network Architecture 5.1 Internet vs. Intranet 5.2 NAT 5.3 Mobile Network 1 5.1The Internet Worldwide connectivity ISPs connect private and business users Private: mostly dial-up connections Business:

More information

BR-800. ProHD Broadcaster. Easy Set-Up Guide V 1.01

BR-800. ProHD Broadcaster. Easy Set-Up Guide V 1.01 BR-800 ProHD Broadcaster Easy Set-Up Guide V 1.01 BR-800 EASY SET-UP GUIDE BEFOREYOUBEGIN! Pleasedeterminethetypeofconfigurationbyselectingthescenariothatbest describesthewayyouwillbeusingyourbr-800prohdbroadcaster.onceyouhavedeterminedyour

More information

Introduction. Technology background

Introduction. Technology background White paper: Redundant IP-VPN networks Introduction IP VPN solutions based on the IPsec protocol are already available since a number of years. The main driver for these kinds of solutions is of course

More information

Barracuda Link Balancer Administrator s Guide

Barracuda Link Balancer Administrator s Guide Barracuda Link Balancer Administrator s Guide Version 1.0 Barracuda Networks Inc. 3175 S. Winchester Blvd. Campbell, CA 95008 http://www.barracuda.com Copyright Notice Copyright 2008, Barracuda Networks

More information

Connecting Remote Offices by Setting Up VPN Tunnels

Connecting Remote Offices by Setting Up VPN Tunnels Connecting Remote Offices by Setting Up VPN Tunnels Cisco RV0xx Series Routers Overview As your business expands to additional sites, you need to ensure that all employees have access to the network resources

More information

Chapter 12 Supporting Network Address Translation (NAT)

Chapter 12 Supporting Network Address Translation (NAT) [Previous] [Next] Chapter 12 Supporting Network Address Translation (NAT) About This Chapter Network address translation (NAT) is a protocol that allows a network with private addresses to access information

More information

VPN Wizard Default Settings and General Information

VPN Wizard Default Settings and General Information 1. ProSecure UTM Quick Start Guide This quick start guide describes how to use the IPSec VPN Wizard to configure IPSec VPN tunnels on the ProSecure Unified Threat Management (UTM) Appliance. The IP security

More information

2. IP Networks, IP Hosts and IP Ports

2. IP Networks, IP Hosts and IP Ports 1. Introduction to IP... 1 2. IP Networks, IP Hosts and IP Ports... 1 3. IP Packet Structure... 2 4. IP Address Structure... 2 Network Portion... 2 Host Portion... 3 Global vs. Private IP Addresses...3

More information

TW100-BRF114 Firewall Router. User's Guide. Cable/DSL Internet Access. 4-Port Switching Hub

TW100-BRF114 Firewall Router. User's Guide. Cable/DSL Internet Access. 4-Port Switching Hub TW100-BRF114 Firewall Router Cable/DSL Internet Access 4-Port Switching Hub User's Guide Table of Contents CHAPTER 1 INTRODUCTION...1 TW100-BRF114 Features...1 Package Contents...3 Physical Details...

More information

Configuring WAN Failover with a Cisco 881 Router and an AirLink ES440

Configuring WAN Failover with a Cisco 881 Router and an AirLink ES440 Configuring WAN Failover with a Cisco 881 Router and an AirLink ES440 When the AirLink ES440 is combined with a third-party router, the combined solution supports business continuity by providing primary

More information

How To Configure Apple ipad for Cyberoam L2TP

How To Configure Apple ipad for Cyberoam L2TP How To Configure Apple ipad for Cyberoam L2TP VPN Connection Applicable to Version: 10.00 (All builds) Layer 2 Tunneling Protocol (L2TP) can be used to create VPN tunnel over public networks such as the

More information

Chapter 3 LAN Configuration

Chapter 3 LAN Configuration Chapter 3 LAN Configuration This chapter describes how to configure the advanced LAN features of your ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. This chapter contains the following sections

More information

Netgear ProSafe VPN firewall (FVS318 or FVM318) to Cisco PIX firewall

Netgear ProSafe VPN firewall (FVS318 or FVM318) to Cisco PIX firewall Netgear ProSafe VPN firewall (FVS318 or FVM318) to Cisco PIX firewall This document is a step-by-step instruction for setting up VPN between Netgear ProSafe VPN firewall (FVS318 or FVM318) and Cisco PIX

More information

TW100-BRV204 VPN Firewall Router

TW100-BRV204 VPN Firewall Router TW100-BRV204 VPN Firewall Router Cable/DSL Internet Access 4-Port Switching Hub User's Guide Table of Contents CHAPTER 1 INTRODUCTION... 1 TW100-BRV204 Features... 1 Package Contents... 3 Physical Details...

More information

CONFIGURATION MANUAL. for v2 routers

CONFIGURATION MANUAL. for v2 routers CONFIGURATION MANUAL for v2 routers USED SYMBOLS Used symbols Danger important notice, which may have an influence on the user s safety or the function of the device. Attention notice on possible problems,

More information

Savvius Insight Initial Configuration

Savvius Insight Initial Configuration The configuration utility on Savvius Insight lets you configure device, network, and time settings. Additionally, if you are forwarding your data from Savvius Insight to a Splunk server, You can configure

More information

VPN Configuration Guide. Cisco Small Business (Linksys) RV016 / RV042 / RV082

VPN Configuration Guide. Cisco Small Business (Linksys) RV016 / RV042 / RV082 VPN Configuration Guide Cisco Small Business (Linksys) RV016 / RV042 / RV082 2010 equinux AG and equinux USA, Inc. All rights reserved. Under copyright law, this configuration guide may not be copied,

More information

WAN Routing Configuration Examples for the Secure Services Gateway Family

WAN Routing Configuration Examples for the Secure Services Gateway Family Application Note WAN Routing Configuration Examples for the Secure Services Gateway Family Chien-shun Chu SPG Technical Marketing November, 2006 Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale,

More information

Use Shrew Soft VPN Client to connect with IPSec VPN Server on RV130 and RV130W

Use Shrew Soft VPN Client to connect with IPSec VPN Server on RV130 and RV130W Article ID: 5037 Use Shrew Soft VPN Client to connect with IPSec VPN Server on RV130 and RV130W Objective IPSec VPN (Virtual Private Network) enables you to securely obtain remote resources by establishing

More information

How To. Instreamer to Exstreamer connection. Project Name: Document Type: Document Revision: Instreamer to Exstreamer connection. How To 1.

How To. Instreamer to Exstreamer connection. Project Name: Document Type: Document Revision: Instreamer to Exstreamer connection. How To 1. Instreamer to Exstreamer connection Project Name: Document Type: Document Revision: Instreamer to Exstreamer connection 1.11 Date: 06.03.2013 2013 Barix AG, all rights reserved. All information is subject

More information

Configuring a BANDIT Product for Virtual Private Networks

Configuring a BANDIT Product for Virtual Private Networks encor! enetworks TM Version A, March 2008 2013 Encore Networks, Inc. All rights reserved. Configuring a BANDIT Product for Virtual Private Networks O ne of the principal features in the BANDIT family of

More information

LevelOne. User Manual. FBR-1430 VPN Broadband Router, 1W 4L V1.0

LevelOne. User Manual. FBR-1430 VPN Broadband Router, 1W 4L V1.0 LevelOne FBR-1430 VPN Broadband Router, 1W 4L User Manual V1.0 Table of Contents CHAPTER 1 INTRODUCTION... 1 VPN BROADBAND ROUTER FEATURES... 1 Internet Access Features... 1 Advanced Internet Functions...

More information

Basic ViPNet VPN Deployment Schemes. Supplement to ViPNet Documentation

Basic ViPNet VPN Deployment Schemes. Supplement to ViPNet Documentation Basic ViPNet VPN Deployment Schemes Supplement to ViPNet Documentation 1991 2015 Infotecs Americas. All rights reserved. Version: 00121-04 90 01 ENU This document is included in the software distribution

More information

Installation of the On Site Server (OSS)

Installation of the On Site Server (OSS) Installation of the On Site Server (OSS) rev 1.1 Step #1 - Initial Connection to the OSS Having plugged in power and an ethernet cable in the eth0 interface (see diagram below) you can connect to the unit

More information

White Paper. Telenor VPN

White Paper. Telenor VPN White Paper Telenor VPN Versjon 2.2 September 2006 Side 1 av 5 Table of contents 1 Short introduction... 3 2 Product information... 3 2.1 Mobile Data Access... 3 2.2 SMS Acess and SMS Bedrift... 4 2.3

More information

Chapter 10 Troubleshooting

Chapter 10 Troubleshooting Chapter 10 Troubleshooting This chapter provides troubleshooting tips and information for your ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. After each problem description, instructions are provided

More information

DSL-G604T Install Guides

DSL-G604T Install Guides Internet connection with NAT...2 Internet connection with No NAT, IP Un-number...6 Port Forwarding...12 Filtering & Firewall Setup...20 Access Control... 21 DMZ Setup... 26 Allow Incoming Ping... 27 How

More information

Configuring IPsec VPN with a FortiGate and a Cisco ASA

Configuring IPsec VPN with a FortiGate and a Cisco ASA Configuring IPsec VPN with a FortiGate and a Cisco ASA The following recipe describes how to configure a site-to-site IPsec VPN tunnel. In this example, one site is behind a FortiGate and another site

More information

VPN Quick Configuration Guide. Astaro Security Gateway V8

VPN Quick Configuration Guide. Astaro Security Gateway V8 VPN Quick Configuration Guide Astaro Security Gateway V8 2010 equinux AG and equinux USA, Inc. All rights reserved. Under copyright law, this configuration guide may not be copied, in whole or in part,

More information

Broadband Router ALL1294B

Broadband Router ALL1294B Broadband Router ALL1294B Broadband Internet Access 4-Port Switching Hub User's Guide Table of Contents CHAPTER 1 INTRODUCTION... 1 Broadband Router Features... 1 Package Contents... 3 Physical Details...

More information

Ethernet Interface Manual Thermal / Label Printer. Rev. 1.01 Metapace T-1. Metapace T-2 Metapace L-1 Metapace L-2

Ethernet Interface Manual Thermal / Label Printer. Rev. 1.01 Metapace T-1. Metapace T-2 Metapace L-1 Metapace L-2 Ethernet Interface Manual Thermal / Label Printer Rev. 1.01 Metapace T-1 Metapace T-2 Metapace L-1 Metapace L-2 Table of contents 1. Interface setting Guiding...3 2. Manual Information...4 3. Interface

More information