HIRSCHMANN NG800 Automotive Gateway User Manual
- June 15, 2024
- HIRSCHMANN
Table of Contents
- HIRSCHMANN NG800 Automotive Gateway
- NetModule Automotive Gateway NG800
- Product Information
- Features
- License Information
- Product Usage Instructions
- Configuration and Maintenance
- Additional Resources
- FAQ
- Welcome to NetModule
- Conformity
- Specifications
- INTERFACES
- References
- Read User Manual Online (PDF format)
- Download This Manual (PDF format)
HIRSCHMANN NG800 Automotive Gateway
NetModule Automotive Gateway NG800
Specifications:
- Software Version: 4.8.0.102
- Manual Version: 2.1570
- Manufacturer: NetModule AG
- Country of Origin: Switzerland
Product Information
The NetModule Automotive Gateway NG800 is a versatile device designed to provide connectivity and communication capabilities for automotive applications. It is equipped with a wide range of features and functionalities, making it suitable for various use cases.
Features
- Supports multiple wireless communication technologies
- Embedded GNSS module for accurate positioning
- Robust routing capabilities for efficient data transfer
- Advanced security features to protect data
- Easy configuration and maintenance
License Information
A significant portion of the source code used in this product is available under free and open-source licenses, such as the GNU General Public License (GPL). For detailed license information regarding specific software packages, please contact the manufacturer.
Trademark Information:
All product and company names mentioned in this manual are used for
identification purposes only and may be trademarks or registered trademarks of
their respective owners.
Contact Information:
If you have any questions or need further assistance, you can reach out to
NetModule AG through the following channels:
- Website: https://www.netmodule.com
- Support Portal: https://support.netmodule.com
- Address: NetModule AG, Maulbeerstrasse 10, CH-3011 Bern, Switzerland
- Phone: +41 31 985 25 10
- Fax: +41 31 985 25 11
- Email: info@netmodule.com
Product Usage Instructions
Device Commissioning:
Before using the NetModule Automotive Gateway NG800, it is important to
properly commission the device. Follow the steps below:
- Ensure that the device is powered off.
- Connect the necessary cables and interfaces to the device, including power supply, network connections, and any additional peripherals.
- Power on the device and wait for it to initialize.
Installation Procedure:
Proper installation of the NetModule Automotive Gateway NG800 is crucial
for optimal performance. Follow these guidelines:
- Select a suitable location for the device, ensuring proper ventilation and protection against environmental factors.
- Mount the device securely using the provided mounting brackets or other suitable means.
- Connect the required cables and interfaces, making sure they are securely attached.
Configuration and Maintenance
The NetModule Automotive Gateway NG800 offers various configuration options to adapt to specific requirements. To configure and maintain the device, follow these steps:
- Access the device’s configuration interface using a web browser or dedicated software.
- Enter the appropriate login credentials to access the configuration settings.
- Modify the necessary parameters and settings according to your needs.
- Save the changes and restart the device if required.
Additional Resources
For additional information, sample SDK scripts, or configuration samples, please refer to our wiki on https://wiki.netmodule.com.
FAQ
Q: What wireless communication technologies are supported by the NetModule
Automotive Gateway NG800?
A: The NetModule Automotive Gateway NG800 supports various wireless
communication technologies, including Wi-Fi, Bluetooth, cellular (GSM, LTE),
and more. It offers versatile connectivity options for automotive
applications.
Q: How can I ensure the security of my data when using the NetModule
Automotive Gateway NG800?
A: The NetModule Automotive Gateway NG800 incorporates advanced security
features to protect your data. It supports encryption protocols, secure
communication channels, and authentication mechanisms to safeguard against
unauthorized access and data breaches.
Q: Can I customize the configuration settings of the NetModule Automotive
Gateway NG800?
A: Yes, the NetModule Automotive Gateway NG800 allows you to customize various
configuration settings to meet your specific requirements. You can access the
device’s configuration interface and modify parameters such as network
settings, security options, and routing configurations.
NetModule Automotive Gateway NG800
User Manual for Software Version 4.8.0.102
Manual Version 2.1570
NetModule AG, Switzerland November 20, 2023
NetModule Automotive Gateway NG800
This manual covers all variants of the NG800 product type.
The specifications and information regarding the products in this manual are
subject to change without notice. We would like to point out that NetModule
makes no representation or warranties with respect to the contents herein and
shall not be responsible for any loss or damage caused to the user by the
direct or indirect use of this information This document may contain
information about third party products or processes. Such third party
information is generally out of influence of NetModule and therefore NetModule
shall not be responsible for the correctness or legitimacy of this
information. Users must take full responsibility for their application of any
products.
Copyright ©2023 NetModule AG, Switzerland All rights reserved
This document contains proprietary information of NetModule. No parts of the
work described herein may be reproduced. Reverse engineering of the hardware
or software is prohibited and protected by patent law. This material or any
portion of it may not be copied in any form or by any means, stored in a
retrieval system, adopted or transmitted in any form or by any means
(electronic, mechanical, photographic, graphic, optic or otherwise), or
translated in any language or computer language without the prior written
permission of NetModule.
A large amount of the source code to this product is available under licenses
which are both free and open source. Most of it is covered by the GNU General
Public License which can be obtained from www.gnu.org. The remainder of the
open source software which is not under the GPL, is usually available under
one of a variety of more permissive licenses. A detailed license information
for a particular software package can be provided on request.
All other products or company names mentioned herein are used for
identification purposes only and may be trademarks or registered trademarks of
their respective owners. The following description of software, hardware or
process of NetModule or other third party provider may be included with your
product and will be subject to the software, hardware or other license
agreements.
Contact
https://support.netmodule.com
NetModule AG Maulbeerstrasse 10 CH-3011 Bern Switzerland
Tel +41 31 985 25 10 Fax +41 31 985 25 11 info@netmodule.com https://www.netmodule.com
Welcome to NetModule
Thank you for purchasing a NetModule product. This document should give you an introduction to the device and its features. The following chapters describe any aspects of commissioning the device, installation procedure and provide helpful information towards configuration and maintenance. Please find further information such as sample SDK scripts or configuration samples in our wiki on https://wiki.netmodule.com.
NG800
9
User Manual for NRSW version 4.8.0.102
Conformity
This chapter provides general information for putting the gateway into operation.
Safety Instructions
Please carefully observe all safety instructions in the manual that are marked
with the symbol .
Compliance information: The NetModule gateways must be used in compliance with
any and all applicable national and international laws and with any special
restrictions regulating the utilization of the communication module in
prescribed applications and environments.
Information about the accessories / changes to the device: Please only use
original accessories to prevent injuries and health risks. Changes made to
the device or the use of non-authorized accessories will render the
warranty null and void and potentially invalidate the operating license.
NG800
10
User Manual for NRSW version 4.8.0.102
Information about the device interfaces: All systems that are connected to
the NetModule router interfaces must meet the
requirements for SELV (Safety Extra Low Voltage) systems.
Interconnections must not leave the building nor penetrate the body shell of
a vehicle.
Connections for antennas may only exit the building or the vehicle hull if
transient overvoltages (according to IEC 62368-1) are limited by external
protection circuits down to 1 500 Vpeak. All other connections must remain
within the building or the vehicle hull.
Installed antennas must always be at least 40 cm away from people.
Devices with a WLAN interface may be operated only with applicable
Regulatory Domain configured. Special attention must be paid to country,
number of antennas and the antenna gain (see also chapter 5.3.4). The maximum
allowed gain is 3dBi in the relevant frequency range. WLAN antennas with a
higher amplification may be used with the NetModule router “Enhanced-RF-
Configuration” software license and the antenna gain and cable attenuation
that have been correctly configured by certified specialized personnel. A
misconfiguration will lead to loss of the approval.
The maximum gain of an antenna (incl. the attenuation of the connection
cables) must not exceed the following values in the corresponding frequency
range:
Mobile radio (600MHz .. 1GHz) < 3.2dBi
Mobile radio (1.7GHz .. 2GHz) < 6.0dBi
Mobile radio (2.5GHz .. 4.2GHz) < 6.0dBi
WiFi (2.4GHz .. 2.5GHz) < 3.2dBi
WiFi (5.1GHz .. 5.9GHz) < 4.5dBi
Note that GNSS signals can be obfuscated or blocked by malicious third-party
devices.
Only CE-compliant power supplies with a current-limited SELV output voltage
range may be used with the NetModule routers.
NG800
11
User Manual for NRSW version 4.8.0.102
General safety instructions: Observe the usage limitations of radio units at
filling stations, in chemical plants, in
systems with explosives or potentially explosive locations. The devices may
not be used in airplanes. Exercise particular caution near personal medical
aids, such as pacemakers and hear-
ing aids. The NetModule gateways may also cause interference in the nearer
distance of TV
sets, radio receivers and personal computers. Never perform work on the
antenna system during a thunderstorm. Protect them against aggressive
chemical atmospheres and humidity or temperatures
outside specifications. We highly recommended creating a copy of a working
system configuration. It can be
easily applied to a newer software release afterwards.
2.2. Declaration of Conformity
NetModule hereby declares that under our own responsibility that the gateways
comply with the relevant standards following the provisions of the RED
Directive 2014/53/EU. The signed version of the Declaration of Conformity can
be obtained from https://www.netmodule.com/downloads
2.3. Waste Disposal
In accordance with the requirements of the Council Directive 2012/19/EU
regarding Waste Electrical and Electronic Equipment (WEEE), you are urged to
ensure that this product will be segregated from other waste at end-of-life
and delivered to the WEEE collection system in your country for proper
recycling.
2.4. National Restrictions
This product may be generally used in all EU countries (and other countries
following the RED Directive 2014/53/EU) without any limitation. Please refer
to our WLAN Regulatory Database for getting further national radio interface
regulations and requirements for a particular country.
NG800
12
User Manual for NRSW version 4.8.0.102
Open Source Software
We inform you that NetModule products may contain in part open-source
software. We are distributing such open-source software to you under the terms
of GNU General Public License (GPL)1, GNU Lesser General Public License
(LGPL)2 or other open-source licenses3. These licenses allow you to run, copy,
distribute, study, change and improve any software covered by GPL, Lesser GPL,
or other open-source licenses without any restrictions from us or our end user
license agreement on what you may do with that software. Unless required by
applicable law or agreed to in writing, software distributed under open-source
licenses is distributed on an “AS IS” basis, WITHOUT WARRANTIES OR CONDITIONS
OF ANY KIND, either express or implied. To obtain the corresponding open
source codes covered by these licenses, please contact our technical support
at router@support.netmodule.com.
Acknowledgements
This product includes:
PHP, freely available from http://www.php.net Software developed by the
OpenSSL Project for use in the OpenSSL Toolkit
(http://www.openssl.org) Cryptographic software
written by Eric Young (eay@cryptsoft.com) Software written by Tim Hudson
(tjh@cryptsoft.com) Software written Jean-loup Gailly and Mark Adler MD5
Message-Digest Algorithm by RSA Data Security, Inc. An implementation of the
AES encryption algorithm based on code released by Dr Brian Glad-
man Multiple-precision arithmetic code originally written by David Ireland
Software from The FreeBSD Project (http://www.freebsd.org)
1Please find the GPL text under http://www.gnu.org/licenses/gpl-2.0.txt 2Please find the LGPL text under http://www.gnu.org/licenses/lgpl.txt 3Please find the license texts of OSI licenses (ISC License, MIT License, PHP License v3.0, zlib License) under
NG800
13
User Manual for NRSW version 4.8.0.102
Specifications
Appearance
NG800
14
User Manual for NRSW version 4.8.0.102
3.2. Features
All models of the NG800 Family have following standard functionalities: 1x
LTE, UMTS, GSM 1x WLAN IEEE 802.11abgn with Bluetooth Low Energy 1x GNSS
with automotive Dead Reckoning 1x Fast Ethernet port (10/100 Mbit/s) 2x
Automotive Ethernet ports (100BASE-T1) 1x eUICC SIM 1 GHz CPU, 512 MB RAM,
8 GB Flash 2x CAN-passive (2x CAN-active on request) Battery backed real
time clock for time keeping Inertial Motion Unit, 6 Axis (SW support on
request) Full featured router software
The NG800 can optionally be equipped with Software Keys for additional
functionality.
Due to its modular approach, the NG800 router and its hardware components can
be arbitrarily assembled according to its indented usage or application.
Please contact us in case of special project requirements.
3.3. Environmental Conditions
Parameter Nominal Input Voltage Absolute Input Voltage Operating Temperature
Range Storage Temperature Range Humidity Altitude Over-Voltage Category
Pollution Degree Ingress Protection Rating Vibration
Shock
Rating 12 VDC to 24 VDC 9 VDC to 36 VDC -40 C to +75 C -40 C to +85 C 5 to 95% (non-condensing) up to 4000 m Vehicle based equipment 2 IP69k ISO 16750-3 (road vehicles), IEC 60068-2-64 (24 h) ISO 16750-3 (road vehicles), IEC 60068-2-27 (60 shocks)
Table 3.1.: Environmental Conditions
NG800
15
User Manual for NRSW version 4.8.0.102
3.4. Interfaces
3.4.1. Overview
Nr. Label 1 A1 Cellular 2 A2 Cellular 3 A3 WLAN/BT
4 A4 WLAN 5 A5 GNSS 6 LED 1 7 LED 2 8 X48 9 Earthing cable
Function FAKRA male connector for cellular main antenna FAKRA male connector
for cellular auxiliary antenna FAKRA male connector for WLAN/Bluetooth main
antenna (2.4 GHz, 5 GHz) FAKRA male connector for WLAN auxiliary antenna (2.4
GHz) FAKRA male connector for GNSS Status LED Link LED 48-pin CMC Molex
interface for all wired connections Earthing the base plate is optional
(protective earth is not compulsory)
Table 3.2.: NG800 Interfaces
NG800
16
User Manual for NRSW version 4.8.0.102
3.4.2. Default LED Indicators The following table describes the NG800 status indicators.
Housing Label STAT
Software Label SYS
Color State
Function
Shows the overall system state. This could be derived from health indicators
such as:
all services up and running overall throughput is normal CPU load is
normal the supervisor … User application (state set by
user in SDK or container)
LINK
WAN
g
On
System operation state: normal
g
Blinking System operation state: during startup
r
On
System operation state: emergency,
watchdog, failure
g
On
The hotlink connection is up.
g
Blinking The hotlink connection is established
or changing the interface.
Off
The hotlink is disabled.
Table 3.3.: NG800 Status Indicators
3.4.3. Reset
NG800 does not have a built-in reset button. An external reset can be
triggered as described below (e.g. by installing an external reset button).
The reset button has two functions:
1. Reboot the system: Apply reset signal for at least 3 seconds to trigger a
system reboot. The reboot is indicated with the blinking STAT LED.
2. Factory reset: Apply reset signal for at least 10 seconds to trigger a
factory reset. The start of the factory reset is confirmed by all LEDs
lighting up for a second.
The RS232 receive input (RS232-RXD, Pin L1 of X48 connector) also serves also
reset input. To assert a reset condition, the input is tied to a positive
voltage >5.0 VDC. It is possible to connect to the battery (12 VDC, 24 VDC).
When the input is asserted for longer than 100 micro-seconds (a character
time) the receiver detects a break condition which is treated as reset active
indication. Further processing of the signal is performed by software.
NG800
17
User Manual for NRSW version 4.8.0.102
When the serial interface is not used, a push button can be connected from the positive battery port to the serial interface receive input (X48:L1) as shown in the following image.
Figure 3.1.: Reset Input (Serial Interface not used)
If the serial interface is used in the application, a break-before-make switch
must be used. The switch is required to protect the terminal equipment from
the battery voltage.
In the inactive position the serial interface is connected between the
terminal and the device, allowing serial communication. In the active
position, the terminal is disconnected, and the receiver input is connected to
the battery.
Figure 3.2.: Reset Input (Serial Interface used)
NG800
18
User Manual for NRSW version 4.8.0.102
3.4.4. Mobile
The variants of the NG800 support multiple multimode modules for mobile
communication. The LTE modules supports 2×2 MIMO.
Standard 4G (LTE/FDD) 3G (DC-HSPA+/UMTS) 2G (EDGE/GPRS/GSM)
Bands B1 (2100), B3 (1800), B5 (850), B7 (2600), B8 (900), B20 (800) B1
(2100), B2 (1900), B5 (850), B8 (900) B2 (1900), B3 (1800), B5 (850), B8 (900)
Table 3.4.: Mobile Interface
Further modems for regions NA, APAC on request
The mobile antenna ports have the following specification:
Feature
Specification
Max. allowed cable length
30 m
Min. number of antennas 4G-LTE
2
Max. allowed antenna gain including cable attenuation
Mobile radio (600MHz .. 1GHz) < 3.2dBi Mobile radio (1.7GHz .. 2GHz) < 6.0dBi Mobile radio (2.5GHz .. 4.2GHz) < 6.0dBi
Min. distance between collocated ra- 20 cm dio transmitter antennas
Min. distance between people and an- 40 cm tenna
Connector type
FAKRA, D-Code, Bordeaux
Table 3.5.: Mobile Antenna Port Specification
3.4.5. Bluetooth Low Energy The NG800 supports Bluetooth Low Energy.
NG800
19
User Manual for NRSW version 4.8.0.102
3.4.6. WLAN The variants of the NG800 support a IEEE 802.11a/b/g/n WLAN module.
Standard 802.11a 802.11b 802.11g 802.11n 802.11n
Frequencies 5 GHz 2.4 GHz 2.4 GHz 2.4 GHz 5 GHz
Bandwidth 20 MHz 20 MHz 20 MHz 20 MHz 40 MHz
Max. Data Rate 54 Mbit/s 11 Mbit/s 54 Mbit/s 144 Mbit/s 150 Mbit/s
Table 3.6.: IEEE 802.11 Standards
Note: 802.11n supports 2×2 MIMO in 2.4 GHz and 1×1 in 5 GHz.
The WLAN antenna ports have the following specification:
Feature
Specification
Max. allowed cable length
30 m
Max. allowed antenna gain including cable attenuation
3.2dBi (2,4GHz) resp. 4.5dBi (5GHz) 1
Min. distance between collocated ra- 20 cm dio transmitter antennas
Min. distance between people and an- 40 cm tenna
Connector type
FAKRA, I-Code, Beige
Table 3.7.: WLAN Antenna Port Specification
1Note: WLAN antennas with a higher gain may be used with the NetModule router “Enhanced-RF-Configuration” software license and the antenna gain and cable attenuation that have been correctly configured by certified specialized personnel.
NG800
20
User Manual for NRSW version 4.8.0.102
3.4.7. GNSS The GNSS module supports Dead Reckoning with onboard 3D accelerometer and 3D gyroscope.
Feature Systems Data stream Channels Tracking sensitivity Accuracy Dead Reckoning Modes Supported antennas
Specification GPS/GLONASS/BeiDou/Galileo JSON or NMEA 72 Up to -160 dBm Up to 2.5 m CEP UDR: Untethered Dead Reckoning Active and passive
Table 3.8.: GNSS Specifications
The GNSS antenna port has the following specification:
Feature
Specification
Max. allowed cable length
30 m
Antenna LNA gain
15-20 dB typ, 30 dB max.
Min. distance between collocated ra- 20 cm dio transmitter antennas
Active antenna supply
3.0 V, 100 mA max.
Connector type
FAKRA, C-Code, Blue
Table 3.9.: GNSS / GPS Antenna Port Specification
NG800
21
User Manual for NRSW version 4.8.0.102
3.4.8. Pin Assignment X48 X48 is a combination connector that carries all
wired signals (except antennas).
Figure 3.3.: Pin Assignment X48
Figure 3.4.: X48 Outline
Group 100 Base-T1 Interface 1 100 Base-T1 Interface 2 100 Base-Tx Interface
CAN Interface 1
Pin Signal A1 BRDR1-TRXP B1 BRDR1-TRXN A2 BRDR2-TRXP B2 BRDR2-TRXN A3 ETH1-RxP B3 ETH1-RxN A4 ETH1-TxP B4 ETH1-TxN D1 CAN1-L
Description + terminal for transmit/receive signal – terminal for
transmit/receive signal + terminal for transmit/receive signal – terminal for
transmit/receive signal
Low Level CAN bus line
NG800
22
User Manual for NRSW version 4.8.0.102
Group CAN Interface 2 EIA-232 UART Console/Debug Power / Supply
Signal Ground
Extension Module
Pin Signal D2 CAN1-H D3 CAN2-L D4 CAN2-H C3 CAN2-T L1 RS232-RXD
Description High Level CAN bus line Low Level CAN bus line High Level CAN bus line 120 termination resistor Receive signal input
M1 RS232-TXD
Transmit signal output
M3 Power input KL30 Power entry
L3 Ignition Input KL15
Ignition sense input (refer to chapter 4.8)
L4 Power Ground
VM1
M4 Power Ground
VM2
C1 Ground C2 Ground C4 Ground L2 Ground M2 Ground
E1-
Reserved for Extension Module
K4
Table 3.10.: Pin Assignments of X48
Note: The following mating material for X48 cable connection may be used. Molex 0643201311, CMC48 female connector (for crimp contacts) Molex 0643201301, CMC48 female connector cover Molex 0643231029, crimp contact 18-20AWG for L and M rows Molex 0643221039, crimp contact 20AWG for A to K rows
NG800
23
User Manual for NRSW version 4.8.0.102
3.4.9. Power Supply NG800 routers have a non-isolated power supply input. It has the following specifications:
Feature Power supply nominal voltages Voltage range (absolute maximum) Power
consumption
Max. cable length Cable shield Ignition Reverse polarity protection
Specification 12 VDC and 24 VDC 9 VDC to 36 VDC 7 W (average), 10 W (max.), Power Down <2 mA @24V 30 m not required Threshold: 6.0 V / Input impedance: 400 k Yes
Table 3.11.: Power Specifications
Requires external fuse (recommended type: Littlefuse ATOF Blade Fuse, 32 V, 3
A, 0287003.PXCN) Minimal cable cross section: 0.75 mm2 (AWG 20) You may also
refer to chapter 4.8.
Pin Assignment
Pin Signal M3 Power Input KL30 L3 Ignition Input KL15 (needs to be connected,
refer to chapter 4.8 L4 Power Ground VM1 M4 Power Ground VM2
Table 3.12.: Pin Assignments of Power Supply
NG800
24
User Manual for NRSW version 4.8.0.102
3.4.10. Fast Ethernet (100 Base-Tx Interface)
Specification The Fast Ethernet port is specified as follows:
Feature Isolation Speed Mode Crossover Max. cable length Cable type Cable shield Connector type
Specification 1500 VDC 10/100 Mbit/s Half- & Full-Duplex Automatic MDI/MDI-X 100 m CAT5e or better Mandatory Molex CMC48
Table 3.13.: Fast Ethernet Port Specification
Pin Assignment
Pin Signal A3 ETH1-RxP B3 ETH1-RxN A4 ETH1-TxP B4 ETH1-TxN
Table 3.14.: Pin Assignments of Fast Ethernet Connector
3.4.11. Automotive Ethernet (100 Base-T1 Interface)
Specification The Automotive Ethernet ports are specified as follows:
Feature Isolation Speed Mode Max. cable length
Specification None 100 Mbit/s Full-Duplex 15 m
NG800
25
User Manual for NRSW version 4.8.0.102
Feature Cable type
Cable shield Connector type
Specification twisted pair, i.e. 0.13 mm2
Unshielded
Molex CMC48
KROCAR 64996795, 2x
Table 3.15.: Automotive Ethernet Port Specification
Pin Assignment 100 Base-T1 Interface 1
A1 BRDR1-TRXP B1 BRDR1-TRXN
+ terminal for transmit/receive signal – terminal for transmit/receive signal
Table 3.16.: Pin Assignments of Automotive Ethernet Port 1
Pin Assignment 100 Base-T1 Interface 2
A2 BRDR2-TRXP B2 BRDR2-TRXN
+ terminal for transmit/receive signal – terminal for transmit/receive signal
Table 3.17.: Pin Assignments of Automotive Ethernet Port 2
NG800
26
User Manual for NRSW version 4.8.0.102
3.4.12. 2x CAN Interface The CAN interfaces have the following specifications:
Feature Features Signals Signal Level Bitrate Termination
Bus access
Max. cable length Cable type Cable shield Connector type
Specification 2x CAN V2.0B CANH, CANL High > 2.75 VDC, low < 2.0 VDC Up to 1 Mbit/s Both ports have 6 k (weak termination) CAN2 has configurable 120 termination With option Cm: Passive (read access only) With option Cn: Active (read/write access) 30 m Twisted pair Mandatory Molex CMC48
Table 3.18.: Specification of 2xCAN Interface
Pin Assignment
Pin Signal D1 CAN1-L D2 CAN1-H D3 CAN2-L D4 CAN2-H C3 CAN2-T
Description Low Level CAN bus line High Level CAN bus line Low Level CAN bus line High Level CAN bus line 120 termination resistor. Connect to pin D3 to enable termination on interface.
Table 3.19.: Pin Assignments of 2xCAN Interface
Note: Cables with length >30m must be shielded.
NG800
27
User Manual for NRSW version 4.8.0.102
3.4.13. Serial RS-232 The RS-232 port has the following specification (bold values show the default configuration):
Feature Protocol Baud rate
Data bits Parity Stop bits Software flow control Hardware flow control
Galvanic isolation to enclosure Max. cable length Cable shield Connector type
Specification 3-wire RS-232: GND, TXD, RXD 300, 1 200, 2 400, 4 800, 9 600, 19 200, 38 400, 57 600, 115 200 7 bit, 8 bit none, odd, even 1, 2 none, XON/XOFF none none 3m not required Molex CMC48
Table 3.20.: RS-232 Port Specification
Pin Assignment
Pin Signal L1 RS232-RXD M1 RS232-TXD
Description Receive signal input. Transmit signal output.
Table 3.21.: Pin Assignments of RS-232 Interface
NG800
28
User Manual for NRSW version 4.8.0.102
4. Installation
The NG800 is designed for mounting on a wall. Please consider the safety
instructions in chapter 2 and the environmental conditions in chapter 3.3.
The following precautions must be taken before installing a NG800 router:
Avoid direct solar radiation Protect the device from aggressive fluids
Attention: NetModule routers are not intended for the end consumer market. The
device must be installed and commissioned by a certified expert.
4.1. Installation of SIM
NG800 with IP69K protection housing cannot be opened and contains an eUICC
chip (eSIM) which replaces the conventional SIM card. This embedded SIM allows
the user to switch network/provider profiles per software configuration
without physically exchanging a SIM card. In other words eUICC enables remote
switching of SIM profiles. For evaluation purposes NG800 can be shipped with a
housing which can be opened (IP55 protection). These devices contain a Micro-
SIM card connector, where a SIM card can be inserted.
Warning The IP55 housing may only be opened by qualified personnel. Please
request instructions for SIM change.
4.2. Installation of the Cellular Antenna
For a reliable function of the NetModule router via the mobile network, the
NetModule routers require a good signal. Use suitable remote antennas with
extended cables to achieve an optimal location with a sufficient signal and to
maintain the distances to other antennas (at least 20cm to each other). The
antenna manufacturer’s instructions must be observed.” Keep in mind that
effects caused by Faraday cages such as large metal surfaces (elevators,
machine housings, etc.), close meshed iron constructions and others may reduce
signal reception significantly. The antenna or antenna cable has to be mounted
to the MOB ports A1 and A2. 4G-LTE antennas require both the main and
auxiliary ports to be connected.
Attention: When installing the antenna be sure to observe chapter 2
NG800
29
User Manual for NRSW version 4.8.0.102
4.3. Installation of the WLAN Antennas
WLAN antennas must be mounted to the connectors of WLAN ports A3 and A4. The
number of attached antennas can be configured in the software. If only one
antenna is used, it must be attached to port A3. However, for better diversity
and thus better throughput and coverage, we highly recommend using two
antennas. Only use antennas with cables shorter than 3 meters.
Attention: When installing the antenna be sure to observe chapter 2
4.4. Installation of the Bluetooth Antenna
The Bluetooth antenna must be mounted to the connector BT port A3. Only use
antennas with cables shorter than 3 meters.
4.5. Installation of the GNSS Antenna
The GNSS antenna must be mounted to the connector GNSS. Whether the antenna is
an active or passive GNSS antenna has to be configured in the software. We
recommend active GNSS antennas for highly accurate GNSS tracking.
Attention: When installing the antenna be sure to observe chapter 2
4.6. Installation of the Local Area Network / Fast Ethernet
Please refer to 3.4.10. By default, the gateway is configured as a DHCP server
and has the default IP address 192.168.1.1.
Attention: Only a shielded Ethernet cable may be used.
4.7. Installation of the Automotive Ethernet
Please refer to 3.4.11
Attention: Only a twisted pair cable may be used.
NG800
30
User Manual for NRSW version 4.8.0.102
4.8. Installation of the Power Supply & Delayed Power Off
The gateway can be powered with an external source supplying between 12 VDC or
24 VDC. It is to be used with a certified (CE or equivalent) power supply,
which must have a limited and SELV circuit output. The power supply may also
be a vehicle battery. It must be ensured by installation that the input
current of the gateway cannot exceed 3 A. This can be accomplished by using a
3 A fuse. This fuse must be installed close to the power supply in order to
protect the power supply cable (which otherwise could heat up significantly
e.g. due to a short circuit and as a result damage its isolation). You may
also refer to chapter 3.4.9.
Attention: Only CE-compliant power supplies with a current-limited SELV output
voltage range may be used with the NetModule gateway. A battery may be used.
Requires external fuse (recommended type: Littlefuse ATOF Blade Fuse, 32 V, 3
A,0287003.PXCN). Minimal wire cross section: 0.75 mm2 (AWG 20).
When no “delayed power off” is required, connect both ignition input pin L3
and power input pin M3 to the supply voltage. When using the “delayed power
off” function, the ignition pin L3 must be connected to the ignition circuit
of the vehicle instead. You can enable ignition sense and configure the
“delayed power off” in the WebManager System menu. Using this feature, the
router powers off for a defined time (SW configurable) after the vehicle is
turned off, instead of an immediate shut down. You may also refer to chapters
3.4.8 and 3.4.9.
Attention: Ignition pin L3 needs to be connected. Connect it to power supply
or ignition circuit of the vehicle.
NG800
31
User Manual for NRSW version 4.8.0.102
5. Configuration
The following chapters provide information on setting up the router and
configuring its functions as provided with system software 4.8.0.102.
NetModule provides regularly updated router software with new functions, bug
fixes and closed vulnerabilities. Please keep your router software up to date.
ftp://share.netmodule.com/router/public/system-software/
5.1. First Steps
NetModule routers can be easily set up by using the HTTP-based configuration
interface, called the Web Manager. It is supported by the latest web browsers.
Please ensure to have JavaScript turned on. Any submitted configuration via
the Web Manager will be applied immediately to the system when pressing the
Apply button. When configuring subsystems which require multiple steps (for
instance WLAN) you can use the Continue button to store any settings
temporarily and apply them at a later time. Please note that those settings
will be neglected at logout unless applied. You may also upload configuration
files via SNMP, SSH, HTTP or USB in case you intend to deploy a larger numbers
of routers. Advanced users may also use the Command Line Interface (CLI) and
set configuration parameters directly. The IP address of Ethernet 1 is
192.168.1.1 and DHCP is activated on the interface by default. The following
steps need to be taken to establish your first Web Manager session:
1. Connect the Ethernet port of your computer to the gateway. Please refer to
chapter 3.4.10 2. If not yet activated, enable DHCP on your computer’s
Ethernet interface so that an IP address
can be obtained automatically from the router. This usually takes a short
amount of time until your PC has received the corresponding parameters (IP
address, subnet mask, default gateway, name server). You may track the
progress by having a look to your network control panel and check whether your
PC has correctly retrieved an IP address of the range 192.168.1.100 to
192.168.1.199. 3. Launch your favorite web browser and point it to the IP
address of the router (the URL is http://192.168.1.1). 4. Please follow the
instructions of the Web Manager for configuring the router. Most of the menus
are self-explanatory, further details are given in the following chapters.
5.1.1. Initial Access
In factory state you will be prompted for a new administrator password. Please
choose a password which is both, easy to remember but also robust against
dictionary attacks (such as one that contains numbers, letters and punctuation
characters). The password shall have a minimum length of 6 characters. It
shall contain a minimum of 2 numbers and 2 letters.
NG800
32
User Manual for NRSW version 4.8.0.102
Admin Password Setup
Please set a password for the admin account. It shall have a minimum length of
6 characters and contain at least 2 numbers and 2 letters.
Username: Enter new password: Confirm new password:
I agree to the terms and conditions
admin
Configure automatic mobile data connection
Apply
NetModule Router Simulator Hostname netbox Software Version 4.4.0.103 © 2004-2020, NetModule AG
NetModule Insights
Subscribe to our mailing and get the latest news about software releases and
much more
Figure 5.1.: Initial Login
Please note that the admin password will be also applied for the root user
which can be used to access the device via the serial console, Telnet, SSH or
to enter the bootloader. You may also configure additional users which will
only be granted to access the summary page or retrieve status information but
not to set any configuration parameters. A set of services (USB Autorun, CLI-
PHP) are by default activated in factory state and will be disabled as soon as
the admin password has been set. They can be enabled again afterwards in the
relevant sections. Other services (SSH, Telnet, Console) can be accessed in
factory state by providing an empty or no password. The passphrase which is
used to store and access generated and uploaded private keys is initialized to
a random value. It can be changed as described in chapter 5.8.8.
5.1.2. Automatic Mobile Data Connection
If you put a SIM with disabled PIN into the first SIM slot and select
‘Configure automatic mobile data connection’ the router will try to select
matching credentials from a database of known providers and
NG800
33
User Manual for NRSW version 4.8.0.102
esteblish a mobile data connection automatically. This feature is highly
dependent on the SIM card features and the available networks. This Option is
only availble if the router is equipped with a cellular module.
5.1.3. Recovery
Following actions might be taken in case the router has been misconfigured and
cannot be reached anymore:
1. Factory Reset: You can initiate a reset back to factory settings via the
Web Manager, by running the command factory-reset or refer to chapter 3.4.3
2. Serial Console Login: It is also possible to log into the system via the
serial port. This requires a terminal emulator (such as PuTTY or
HyperTerminal) and an RS232 connection (115200 8N1) attached to the serial
port of your local computer. You will also see the kernel messages at bootup
there.
3. Recovery Image: In severe cases we can provide a recovery image on demand
which can be loaded into RAM via TFTP and executed. It offers a minimal system
image for running a software update or doing other modifications. You will be
provided with two files, recovery-image and recovery-dtb, which must be placed
in the root directory of a TFTP server (connected via LAN1 and address
192.168.1.254). The recovery image can be launched from the bootloader using a
serial connection. You will have to stop the boot process by pressing s and
enter the bootloader. You can then issue run recovery to load the image and
start the system which can be accessed via HTTP/SSH/Telnet and its IP address
192.168.1.1 afterwards.
NG800
34
User Manual for NRSW version 4.8.0.102
5.2. HOME
This page provides a status overview of enabled features and connections.
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
Status Summary WAN WWAN WLAN GNSS Ethernet LAN Bridges DHCP OpenVPN IPsec PPTP MobileIP Firewall System
Summary Description LAN2 WWAN1 WLAN1 IPsec1 PPTP1 MobileIP
Administrative Status enabled enabled enabled, access-point enabled enabled, server enabled
Operational Status dialing down up down up down
LOGOUT
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 ©
2004-2020, NetModule AG
Figure 5.2.: Home
Summary This page offers a short summary about the administrative and
operational status of the router’s interfaces.
WAN This page offers details about any enabled Wide Area Network (WAN) links
(such as the IP addresses, network information, signal strength, etc.) The
information about the amount of downloaded/uploaded data is stored in non-
volatile memory, thus survive a reboot of the system. The counters can be
reset by pressing the Reset button.
WWAN This page shows information about modems and their network status.
AC This page shows information about the Access Controller (AC) WLAN-AP. This
includes the current states and status information of discovered and managed
AP3400 devices.
NG800
35
User Manual for NRSW version 4.8.0.102
WLAN The WLAN page offers details about the enabled WLAN interfaces when
operating in access-point mode. This includes the SSID, IP and MAC address and
the currently used frequency and transmit power of the interface as well as
the list of associated stations.
GNSS This page displays the position status values, such as
latitude/longitude, the satellites in view and more details about the used
satellites.
Ethernet This page shows information about the Ethernet interfaces and packet
statistics information.
LAN This page shows information about the LAN interfaces plus the neighborhood
information.
Bridges This page shows information about configured virtual bridge devices.
Bluetooth This page shows information about Bluetooth interfaces.
DHCP This page offers details about any activated DHCP service, including a
list of issued DHCP leases.
OpenVPN This page provides information about the OpenVPN tunnel status.
IPSec This page provides information about the IPsec tunnel status.
PPTP This page provides information about the PPTP tunnel status.
GRE This page provides information about the GRE tunnel status.
L2TP This page provides information about the L2TP tunnel status.
MobileIP This page provides information about Mobile IP connections.
Firewall This page offers information about any firewall rules and their
matching statistics. It can be used to debug the firewall.
QoS This page provides information about the used QoS queues.
NG800
36
User Manual for NRSW version 4.8.0.102
BGP This page provides information about the Border Gateway Protocol.
OSPF This page provides information about the Open Shortest Path First routing
protocol.
DynDNS This page provides information about Dynamic DNS.
System Status The system status page displays various details of your NG800
router, including system details, information about mounted modules and
software release information.
SDK This section will list all webpages generated by SDK scripts.
NG800
37
User Manual for NRSW version 4.8.0.102
INTERFACES
WAN
Link Management Depending on your hardware model, WAN links can be made up of
either Wireless Wide Area Network (WWAN), Wireless LAN (WLAN), Ethernet or PPP
over Ethernet (PPPoE) connections. Please note that each WAN link has to be
configured and enabled in order to appear on this page.
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
LOGOUT
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 ©
2004-2020, NetModule AG
WAN Link Management
In case a WAN link goes down, the system will automatically switch over to the
next link in order of priority. A link can be either established when the
switch occurs or permanently to minimize link downtime. Outgoing traffic can
also be distributed over multiple links on a per IP session basis.
Priority Interface 1st LAN2 2nd WWAN1
Operation Mode permanent permanent
Apply
Figure 5.3.: WAN Links
NG800
38
User Manual for NRSW version 4.8.0.102
In general, a link will be only dialed or declared as up if the following prerequisites are met:
Condition Modem is registered Registered with valid service type Valid SIM state Sufficient signal strength Client is associated Client is authenticated Valid DHCP address retrieved Link is up and holds address Ping check succeeded
WWAN X X X X
X X X
WLAN
X X X X X X
ETH
X X X
PPPoE
X X X
The menu can be used further to prioritize your WAN links. The highest
priority link which has been established successfully will become the so-
called hotlink which holds the default route for outgoing packets.
In case a link goes down, the system will automatically switch over to the
next link in the priority list. You can configure each link to be either
established when the switch occurs or permanently in order to minimize link
downtime.
Parameter 1st priority 2nd priority
3rd priority
4th priority
WAN Link Priorities
The primary link which will be used whenever possible.
The first fallback link, it can be enabled permanently or being dialed as soon
as Link 1 goes down.
The second fallback link, it can be enabled permanently or being dialed as
soon as Link 2 goes down.
The third fallback link, it can be enabled permanently or being dialed as soon
as Link 3 goes down.
Links are being triggered periodically and put to sleep in case it was not
possible to establish them within a certain amount of time. Hence it might
happen that permanent links will be dialed in background and replace links
with lower priority again as soon as they got established. In case of
interfering links sharing the same resources (for instance in dual-SIM
operation) you may define a switch-back interval after which an active hotlink
is forced to go down in order to let the higher-prio link getting dialed
again.
We recommend to use the permanent operation mode for WAN links in general.
However, in case of time-limited mobile tariffs for instance, the switchover
mode might be applicable. By using the distributed mode, it is possible to
distribute outgoing traffic over multiple WAN links based on their weight
ratio.
NG800
39
User Manual for NRSW version 4.8.0.102
Attention: You can have concurrent WWAN links which share a common resource like one WWAN module using SIM cards of different providers. In that case it would not be possible to find out if the link with the higher priority is available without putting down the low priority link. Therefore, such a link will behave like a switchover, even if configured as permanent.
For mobile links, it is further possible to pass through the WAN address towards a local host (also called Drop-In or IP Pass-through). In particular, the first DHCP client will receive the public IP address. More or less, the system acts like a modem in such case which can be helpful in case of firewall issues. Once established, the Web Manager can be reached over port 8080 using the WAN address but still over the LAN1 interface using port 80.
Parameter disabled permanent on switchover
distributed
WAN Link Operation Modes Link is disabled Link is being established permanently Link is being established on switchover, it will be dialed if previous links failed Link is member of a load distribution group
Parameter Operation mode Weight Switch-back
Bridge Mode Bridging interface
WAN Link Settings The operation mode of the link The weight ratio of a distributed link Specifies the switch-back condition of a switchover link and the time after an active hotlink will be teared down If WLAN client, specifies the bridge mode which will be used. If WLAN client, the LAN interface to which the WAN link should be bridged.
The following bridge modes can be configured for a WLAN client:
Parameter disabled pseudo bridge
Bridge modes Disables the bridge mode
Enables a bridge like behavior by relaying DHCP and broadcast messages
NetModule routers provide a feature called IP pass-through (aka Drop-In mode). If enabled, the WAN address will be be passed-through to the first DHCP client of the specified LAN interface. As Ethernetbased communication requires additional addresses, we pick an appropriate subnet to talk to the LAN host. In case this overlaps with other addresses of your WAN network, you may optionally specify the
NG800
40
User Manual for NRSW version 4.8.0.102
network given by your provider to avoid any address conflicts.
Parameter IP Pass-through Interface WAN network WAN netmask
IP Pass-Through Settings Enables or disables IP pass-through Specifies the interface on which the address shall be passed-through Specifies the WAN network Specifies the WAN netmask
Supervision
Network outage detection on a per-link basis can be performed by sending pings
on each link to some authoritative hosts. A link will be declared as down in
case all trials have failed and only as up if at least one host can be
reached.
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
LOGOUT
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 ©
2004-2020, NetModule AG
Link Supervision
Network outage detection can be performed by sending pings on each WAN link to authoritative hosts. The link will be declared as down in case all trials failed. You may further specify an emergency action if a certain downtime is reached.
Link
Hosts
Emergency Action
ANY
8.8.8.8, 8.8.4.4
none
Figure 5.4.: Link Supervision
NG800
41
User Manual for NRSW version 4.8.0.102
Parameter Link Mode
Primary host Secondary host Ping timeout
Ping interval Retry interval Max. number of failed trials Emergency action
Supervision Settings
The WAN link to be monitored (can be ANY)
Specifies whether the link shall only be monitored if being up (e.g. for using
a VPN tunnel) or if connectivity shall be also validated at connection
establishment (default)
The primary host to be monitored
The secondary host to be monitored (optional)
The amount of time in milliseconds a response for a single ping can take,
consider to increase this value in case of slow and tardy links (such as 2G
connections)
The interval in seconds at which pings are transmitted on each interface
The interval in seconds at which pings are re-transmitted in case a first ping
failed
The maximum number of failed ping trials until the link will be declared as
down
The emergency action which should be taken after a maximum downtime has been
reached. Using reboot would perform a reboot of the system, restart link
services will restart all link-related applications including a reset of the
modem.
WAN Settings
This page can be used to configure WAN specific settings like the Maximum
Segment Size (MSS). The MSS corresponds to the largest amount of data (in
bytes) that the router can handle in a single, unfragmented TCP segment. In
order to avoid any negative side effects, the number of bytes in the data
segment and the headers must not add up to more than the number of bytes in
the Maximum Transmission Unit (MTU). The MTU can be configured per each
interface and corresponds to the largest packet size that can be transmitted.
NG800
42
User Manual for NRSW version 4.8.0.102
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
LOGOUT
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 ©
2004-2020, NetModule AG
TCP Maximum Segment Size
The maximum segment size defines the largest amount of data of TCP packets (usually MTU minus 40). You may decrease the value in case of fragmentation issues or link-based limits.
MSS adjustment: Maximum segment size:
enabled disabled
1380
Apply
Figure 5.5.: WAN Settings
Parameter MSS adjustment Maximum segment size
TCP MSS Settings Enable or disable MSS adjustment on WAN interfaces. Maximum number of bytes in a TCP data segment.
NG800
43
User Manual for NRSW version 4.8.0.102
5.3.2. Ethernet
NG800 gateways ship with an Fast Ethernet port which can be linked via 48-pin
CMC Molex connector. The Fast Ethernet port forms the LAN1 interface which
should be used for LAN purposes. Other interfaces can be used to connect other
LAN segments or for configuring a WAN link.
Ethernet Port Assignment
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 ©
2004-2020, NetModule AG
Port Assignment
Link Settings
Ethernet 1 Administrative status: Network interface:
Ethernet 2 Administrative status: Network interface:
enabled disabled LAN1
enabled disabled LAN2
Apply
LOGOUT
Figure 5.6.: Ethernet Ports
This menu can be used to individually assign each Ethernet port to a LAN
interface, just in case you want to have different subnets per port or use one
port as WAN interface. You may assign multiple ports to the same interface.
NG800
44
User Manual for NRSW version 4.8.0.102
Ethernet Link Settings
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 ©
2004-2020, NetModule AG
Port Assignment
Link Settings
Link speed for Ethernet 1: Link speed for Ethernet 2:
Apply
auto-negotiated auto-negotiated
LOGOUT
Figure 5.7.: Ethernet Link Settings
Link negotiation can be set for each Ethernet port individually. Most devices
support auto-negotiation which will configure the link speed automatically to
comply with other devices in the network. In case of negotiation problems, you
may assign the modes manually but it has to be ensured that all devices in the
network utilize the same settings then.
NG800
45
User Manual for NRSW version 4.8.0.102
Authentication via IEEE 802.1X
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges USB Serial GNSS
NB3800 NetModule Router Hostname nb Software Version 4.7.0.100 © 2004-2022,
NetModule AG
Port Assignment Link Settings Wired 802.1X
Ethernet 1 Wired 802.1X status:
Ethernet 2 Wired 802.1X status: EAP type: Anonymous identity: Identity:
Password: Certificates: Ethernet 3 Wired 802.1X status: Reauthentication
Period: Authenticator ID: Use MAB: Ethernet 4 Wired 802.1X status:
Ethernet 5 Wired 802.1X status:
Apply
disabled Client Authenticator
disabled Client Authenticator PEAP
Netmodule-Anon
testid
·········
show
missing Manage keys and certificates
disabled Client Authenticator 3600 Netmodule-Auth
disabled Client Authenticator
disabled Client Authenticator
LOGOUT
Figure 5.8.: Authentication via IEEE 802.1X
NetModule-routers support authentication via the IEEE 802.1X standard. This
can be configured for each Ethernet port individually. The following options
exist:
NG800
46
User Manual for NRSW version 4.8.0.102
Parameter Wired 802.1X status EAP type Anonymous identity Identity Password Certificates
Wired IEEE 802.1X Client Settings If set to Client, the router will authenticate on this port via IEEE 802.1X Which protocol to use to authenticate The anonymous identify for PEAP authentication The identify for EAP-TLS or PEAP authentication (required) The password for PEAP authentication (required) Certificates for authentication via EAP-TLS or PEAP. Can be configured in chapter 5.8.8
Parameter Wired 802.1X status
Reauthentication Period Authenticator ID Use MAB
Einstellungen IEEE 802.1X Authenticator
If set to Authenticator, the router will propagate IEEE 802.1X authentication
requests on this port to a configured RADIUS server (see chapter 5.8.2)
Time in seconds after which a connected client has to reauthenticate
This unique name identifies the authenticator at the RADIUS server
Activate this option if you want to allow authentication of devices which are
not capable of IEEE 802.1X via MAC Authentication Bypass. These are reported
to the RADIUS server with their MAC address as user name and password
VLAN Management
NetModule routers support Virtual LAN according to IEEE 802.1Q which can be
used to create virtual interfaces on top of an Ethernet interface. The VLAN
protocol inserts an additional header to Ethernet frames carrying a VLAN
Identifier (VLAN ID) which is used for distributing the packets to the
associated virtual interface. Any untagged packets, as well as packets with an
unassigned ID, will be distributed to the native interface.
NG800
47
User Manual for NRSW version 4.8.0.102
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 ©
2004-2020, NetModule AG
VLAN Management
VLAN ID
Interface
LAN1-1
1
Network Interface Priority
LAN1
default
LAN1-2
5
LAN1
background
Mode routed routed
LOGOUT
Figure 5.9.: VLAN Management
In order to form a distinctive subnet, the network interface of a remote LAN
host must be configured with the same VLAN ID as defined on the router.
Further, 802.1P introduces a priority field which influences packet scheduling
in the TCP/IP stack.
The following priority levels (from lowest to highest) exist:
Parameter 0 1 2 3 4 5 6 7
VLAN Priority Levels Background Best Effort Excellent Effort Critical Applications Video (< 100 ms latency and jitter) Voice (< 10 ms latency and jitter) Internetwork Control Network Control
NG800
48
User Manual for NRSW version 4.8.0.102
IP Settings This page can be used to configure IP addressing for your LAN/WAN Ethernet interfaces.
Parameter Mode MTU
LAN IP Settings Defines whether this interface is being used as LAN or WAN
interface.
The Maximum Transmission Unit for the interface, if provided it will specify
the largest size of a packet transmitted on the interface.
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
LOGOUT
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
GNSS
NB2800 NetModule Router Hostname NB2800 Software Version 4.6.0.100 ©
2004-2021, NetModule AG
IP Address Management
Network Interface
Mode IP Address Mode
LAN1
LAN STATIC
LAN1-1
LAN STATIC
LAN1-2
LAN STATIC
LAN2
WAN DHCP
IP Address 192.168.1.1 192.168.101.1 192.168.102.1 –
Netmask 255.255.255.0 255.255.255.0 255.255.255.0 –
Figure 5.10.: LAN IP Configuration
NG800
49
User Manual for NRSW version 4.8.0.102
LAN-Mode When running in LAN mode, the interface may be configured with the following settings:
Parameter IP address Netmask Alias IP address Alias Netmask MAC
LAN IP Settings The IP interface address The netmask for this interface Optional alias IP interface address Optional alias netmask for this interface Custom MAC adress for this interface (not supported for VLANs)
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
GNSS
NB2800 NetModule Router Hostname NB2800 Software Version 4.6.0.100 ©
2004-2021, NetModule AG
IP Settings LAN1 Mode: Static Configuration IP address: Netmask: Alias IP
address: Alias Netmask: MTU: MAC:
Apply
LAN WAN
192.168.1.1 255.255.255.0
LOGOUT
Figure 5.11.: LAN IP Configuration – LAN Interface
NG800
50
User Manual for NRSW version 4.8.0.102
WAN-Mode When running in WAN mode, the interface may be configured with two IP versions in the following way:
Parameter IPv4 IPv6 Dual-Stack
Description Only Internet Protocol Version 4 Only Internet Protocol Version 6 Run Internet Protocol Version 4 and Version 6 in parallel
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
GNSS
NB2800 NetModule Router Hostname NB2800 Software Version 4.6.0.100 ©
2004-2021, NetModule AG
IP Settings LAN1 Mode:
IP version: IPv4 Configuration IPv4 WAN mode: IPv6 Configuration IPv6 WAN
mode: MTU: MAC:
Apply
LAN WAN IPv4 IPv6 Dual-Stack
DHCP Static PPPoE
SLAAC Static
LOGOUT
Figure 5.12.: LAN IP Configuration – WAN Interface
NG800
51
User Manual for NRSW version 4.8.0.102
Depending on the selected IP version you can configure your interface with the following settings:
IPv4 Settings The router can configure its IPv4 address the following ways:
Parameter DHCP
Static
PPPoE
IPv4 WAN-Modes
When running as DHCP client, no further configuration is required because all
IP-related settings (address, subnet, gateway, DNS server) will be retrieved
from a DHCP server in the network.
Allows you to define static values. Caution has to be taken to assign a unique
IP address as it would otherwise raise IP conflicts in the network.
PPPoE is commonly used when communicating with another WAN access device (like
a DSL modem).
IPv4-PPPoE Settings The following settings can be applied:
Parameter User name Password Service name
Access concentrator name
PPPoE Configuration
PPPoE user name for authenticating at the access device
PPPoE password for authenticating at the access device
Specifies the service name set of the access concentrator and can be left
blank unless you have multiple services on the same physical network and need
to specify the one you want to connect to.
The name of the concentrator (the PPPoE client will connect to any access
concentrator if left blank)
NG800
52
User Manual for NRSW version 4.8.0.102
IPv6 Settings The router can configure its IPv6 address the following ways:
Parameter SLAAC
Static
IPv6 WAN-Modes
All IP-related settings (address, prefix, routes, DNS server) will be
retrieved by the neighbor-discovery-protocol through stateless-
addressautoconfiguration.
Allows you to define static values. Caution has to be taken to assign a unique
IP address as it would otherwise raise IP conflicts in the network. You can
only configure global addresses. The link-local address is automatically
generated via the MAC address.
DNS Server
When all enabled IP versions are set to Static, you may configure an
interface-specific nameserver. To override the interface-specific nameservers
see chapter 5.7.3.
NG800
53
User Manual for NRSW version 4.8.0.102
5.3.3. Mobile
Modems Configuration This page lists all available WWAN modems. They can be
disabled on demand.
Query This page allows you to send Hayes AT commands to the modem. Besides the
3GPP-conforming AT command-set further modem-specific commands can be
applicable which we can provide on demand. Some modems also support running
Unstructured Supplementary Service Data (USSD) requests, e.g. for querying the
available balance of a prepaid account. SIMs
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
LOGOUT
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 ©
2004-2020, NetModule AG
Mobile SIMs
This menu can be used to assign a default modem to each SIM which will also be
used by SMS and GSM voice services. A SIM card can get switched in case of
multiple WWAN interfaces sharing the same modem.
SIM Default SIM1 Mobile1
Current Mobile1
SIM State missing
SIM Lock unknown
Registered no
Update
Figure 5.13.: SIMs
The SIM page gives an overview about the available SIM cards, their assigned
modems and the current state. Once a SIM card has been inserted, assigned to a
modem and successfully unlocked, the card should remain in state ready and the
network registration status should have turned to registered. If
NG800
54
User Manual for NRSW version 4.8.0.102
not, please double-check your PIN. Please keep in mind that registering to a network usually takes some time and depends on signal strength and possible radio interferences. You may hit the Update button at any time in order to restart PIN unlocking and trigger another network registration attempt. Under some circumstances (e.g. in case the modem flaps between base stations) it might be necessary to set a specific service type or assign a fixed operator. The list of operators around can be obtained by initiating a network scan (may take up to 60 seconds). Further details can be retrieved by querying the modem directly, a set of suitable commands can be provided on request.
NG800
55
User Manual for NRSW version 4.8.0.102
Configuration
A SIM card is generally assigned to a default modem but might be switched, for
instance if you set up two WWAN interfaces with one modem but different SIM
cards. Close attention has to be paid when other services (such as SMS or
Voice) are operating on that modem, as a SIM switch will naturally affect
their operation. The following settings can be applied:
Parameter PIN code PUK code Default modem Preferred service
Registration mode Network selection
WWAN SIM Configuration
The PIN code for unlocking the SIM card
The PUK code for unlocking the SIM card (optional)
The default modem assigned to this SIM card
The preferred service to be used with this SIM card. Remember that the link
manager might change this in case of different settings. The default is to use
automatic, in areas with interfering base stations you can force a specific
type (e.g. 3G-only) in order to prevent any flapping between the stations
around.
The desired registration mode
Defines which network shall be selected. This can be bound to a specific
provider ID (PLMN) which can be retrieved by running a network scan.
NG800
56
User Manual for NRSW version 4.8.0.102
eSIM / eUICC
Attention: Note that eUICC profiles are NOT affected by a factory reset. To
remove an eUICC profile from a device, manually remove it before performing
the factory reset.
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
Serial
GNSS
CAN
Bluetooth
NG800 NetModule Router Hostname Simulator Software Version 4.6.0.100 ©
2004-2021, NetModule AG
SIM Card
eSIM Profiles
Profile configuration for embedded SIM1
ICCID
Operator
Name
EID: 89033032426180001000002063768022
Nickname
LOGOUT
Figure 5.14.: eSIM Profiles
Selected router models contain an eUICC (embedded universal integrated circuit
card) which allows you to download eSIM profiles from the internet to the
router instead of having to insert a physical SIM card into the router. The
eSIM profiles to be installed must be compliant to the GSMA RSP Technical
Specification SGP.22. These are the same eSIM profiles that are used with
current mobile phones. Profiles according to the older GSMA SGP.02
specification are not supported. eSIM profiles can be managed on the “eSIM
Profiles” tab of the “Mobile / SIMs” configuration page. The management page
allows you to display all installed eSIM profiles as well as to install,
enable, disable and delete eSIM profiles. It is also possible to store a
nickname for each profile. The eUICC can store up to about 7 eSIM profiles
depending on the size of the profiles. Only one of those profiles can be
active at a time. In order to install new eSIM profiles, you need to first
establish IP connectivity to the internet so that
NG800
57
User Manual for NRSW version 4.8.0.102
the router can download the profile from the mobile network operator’s server.
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
Serial
GNSS
CAN
Bluetooth
NG800 NetModule Router Hostname Simulator Software Version 4.6.0.100 ©
2004-2021, NetModule AG
Add eUICC profile to SIM1 Method:
Activation code: ? Confirmation code:
Apply
Activation/QR Code Root discovery service scan or upload QR code
LOGOUT
Figure 5.15.: Add eUICC Profile
The following two ways are supported to install eSIM profiles and can be
selected on the eSIM profiles configuration page:
1. QR code provided by the network operator To download the eSIM profile
using this method your mobile network operator provides you a QR code which
contains the information about the eSIM profile to be installed. If the device
you are using to access the configuration GUI of the router has a camera, you
can scan the QR code using the camera. Otherwise you can also upload an image
file of the QR code. Or it is also possible to enter the contents of the QR
code manually into the corresponding input field.
2. GSMA Root Discovery Service When using this method, you need to provide
the EID, which is a unique number that identifies the eUICC of the router, to
your mobile network operator. The EID is displayed on the eSIM profiles
configuration page. The operator will then prepare the eSIM profile for your
router on his provisioning servers. Afterwards, you can use the GSMA Root
Discovery Service method to retrieve the eSIM
NG800
58
User Manual for NRSW version 4.8.0.102
profile without having to specify any additional information for the download. Note: Most mobile network operators allow only one download of an eSIM profile. So, if you download the profile once and delete it afterwards, you will not be able to download the same profile a second time. In this case you would need to request a new eSIM profile from your operator.
NG800
59
User Manual for NRSW version 4.8.0.102
WWAN Interfaces
This page can be used to manage your WWAN interfaces. The resulting link will
pop up automatically as WAN link once an interface has been added. Please
refer to chapter 5.3.1 for how to manage them.
The Mobile LED will be blinking during the connection establishment process
and goes on as soon as the connection is up. Refer to section 5.8.7 or consult
the system log files for troubleshooting the problem in case the connection
did not come up.
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 ©
2004-2020, NetModule AG
Mobile Interfaces Interface Modem SIM PDP WWAN1 Mobile1 SIM1 PDP1
Number Service APN / User *99***1# automatic internet.telekom / tm
LOGOUT
Figure 5.16.: WWAN Interfaces
The following mobile settings are required:
Parameter Modem SIM Service type
WWAN Mobile Parameters The modem to be used for this WWAN interface The SIM card to be used for this WWAN interface The required service type
Please note that these settings supersede the general SIM based settings as soon as the link is being dialed.
NG800
60
User Manual for NRSW version 4.8.0.102
Generally, the connection settings are derived automatically as soon as the modem has registered and the network provider has been found in our database. Otherwise, it will be required to configure the following settings manually:
Parameter Phone number
Access point name IP version
Authentication Username Password
WWAN Connection Parameters
The phone number to be dialed, for 3G+ connections this commonly refers to be
*99***1#. For circuit-switched 2G connections you can enter the fixed phone
number to be dialed in international format (e.g. +41xx).
The access point name (APN) being used
What IP version to use. Dual-stack lets you use IPv4 and IPv6 together. Please
note, that your provider might not support all IP versions.
The authentication scheme being used, if required this can be PAP or/and CHAP
The user-name used for authentication
The password used for authentication
Furtheron, you may configure the following advanced settings:
Parameter Required signal strength Home network only Negotiate DNS Call to
ISDN Header compression
Data compression Client address MTU
WAN Advanced Parameters
Sets a minimum required signal strength before the connection is dialed
Determines whether the connection should only be dialed when registered to a
home network
Specifies whether the DNS negotiation should be performed and the retrieved
name-servers should be applied to the system
Has to be enabled in case of 2G connections talking to an ISDN modem
Enables or disables 3GPP header compression which may improve TCP/IP
performance over slow serial links. Has to be supported by your provider.
Enables or disables 3GPP data compression which shrinks the size of packets to
improve throughput. Has to be supported by your provider.
Specifies a fixed client IP address if assigned by the provider
The Maximum Transmission Unit for this interface
NG800
61
User Manual for NRSW version 4.8.0.102
5.3.4. WLAN
WLAN Management In case your router is shipping with a WLAN (or Wi-Fi) module
you can operate it either as client, access point, mesh point or certain dual
modes. As a client it can create an additional WAN link which for instance can
be used as backup link. As access point, it can form another LAN interface
which can be either bridged to an Ethernet-based LAN interface or create a
self-contained IP interface which can be used for routing and to provide
services (such as DHCP/DNS/NTP) in the same way like an Ethernet LAN interface
does. As mesh point, it can create a wireless mesh network to provide a
backhaul connectivity with dynamic path selection. As dual mode, it is
possible to run access point and client or mesh point and access point
functionality on the same radio module.
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 ©
2004-2020, NetModule AG
WLAN Management Administrative status:
Operational mode:
Regulatory domain: Operation type: Radio band: Bandwidth: Channel: Number of antennas: Antenna gain:
Apply
Continue
enabled disabled client access point mesh point dual modes European Union
802.11b 2.4 GHz 20 MHz
Auto
2 0 dB
Channel utilisation
LOGOUT
Figure 5.17.: WLAN Management
If the administrative status is set to disabled, the module will be powered
off in order to reduce the overall power consumption. Regarding antennas, we
generally recommend using two antennas for better coverage and throughput. A
second antenna is definitely mandatory if you want to achieve higher
throughput rates as in 802.11n. A WLAN client and a mesh point will
automatically became a WAN link and can be managed as described in chapter
5.3.1.
NG800
62
User Manual for NRSW version 4.8.0.102
Configurable parameters for access-point, client mode, mesh point and any dual mode:
Parameter Regulatory Domain Number of antennas Antenna gain
Tx power Disable low data rates
WLAN Management Select the country the Router operates in Set the number of connected antennas Specify the antenna gain for the connected antennas. Please refer to the antennas datasheet for the correct gain value. Specifies the max. transmit power used in dBm. Avoid sticky clients by disabling low data rates.
Warning Please be aware that any inappropriate parameters can lead to an infringement of conformity regulations.
Running as access point or dual mode, you can further configure the following settings:
Parameter Operation type Radio band
Outdoor Bandwidth Channel Short Guard Interval
WLAN Management Specifies the desired IEEE 802.11 operation mode Selects the radio band to be used for connections, depending on your module it could be 2.4 or 5 GHz Shows the 5 GHz outdoor channels Specify the channel bandwidth operation mode Specifies the channel to be used Enables the Short Guard Interval (SGI)
Running as client, you can further configure the following settings:
Parameter Scan channels
2.4 GHz 5 GHz
WLAN Management Select if all supported channels should be scanned or just user defined channels Set the channels which should be scanned in 2.4 GHz Set the channels which should be scanned in 5 GHz
Available operation modes are:
NG800
63
User Manual for NRSW version 4.8.0.102
Standard 802.11a 802.11b 802.11g 802.11n 802.11n
Frequencies 5 GHz 2.4 GHz 2.4 GHz 2.4 GHz 5 GHz
Bandwidth 20 MHz 20 MHz 20 MHz 20 MHz 40 MHz
Table 5.25.: IEEE 802.11 Network Standards
Data Rate 54 Mbit/s 11 Mbit/s 54 Mbit/s 144 Mbit/s 150 Mbit/s
NG800
64
User Manual for NRSW version 4.8.0.102
Running as mesh point, you can further configure the following settings:
Parameter Radio band
Channel
WLAN Mesh-Point Management Selects the radio band to be used for connections,
depending on your module it could be 2.4 or 5 GHz
Specifies the channel to be used
Note: 802.11n with 2×2 MIMO in 2.4 GHz and 1×1 in 5 GHz.
NG800
65
User Manual for NRSW version 4.8.0.102
Prior to setting up an access point, it is always a good idea to run a network
scan for getting a list of neighboring WLAN networks and then choose the less
interfering channel. Please note that two adequate channels are required for
getting good throughputs with 802.11n and a bandwidth of 40 MHz.
WLAN Configuration Running in client mode, it is possible to connect to one
ore more remote access-points. The system will switch to the next network in
the list in case one goes down and return to the highest-prioritized network
as soon as it comes back. You can perform a WLAN network scan and pick the
settings from the discovered information directly. The authentication
credentials have to be obtained by the operator of the remote access point.
Parameter SSID Security mode WPA mode
WPA cipher
Identity Passphrase
Required signal strength
WLAN Client Configuration The network name (called SSID)
The desired security mode
The desired encryption method. WPA3 should be preferred over WPA2 and WPA1
The WPA cipher to be used, the default is to run both (TKIP and CCMP)
The identity used for WPA-RADIUS and WPA-EAP-TLS
The passphrase used for authentication with WPA-Personal, otherwise the key
passphrase for WPA-EAP-TLS
Required signal strength to esablish the connection
The client is performing background scans for the purpose of roaming within an ESS. The background scans are based on the current signal strenght.
Parameter Threshold
Long interval
Short interval
WLAN Client Background Scan Parameters
The signal strength threshold in dBm when the long or short time interval
should occur
The time in seconds when a background scan should be performed if the
threshold is above the given threshold value
The time in seconds when a background scan should be performed if the
threshold is below the given threshold value
NG800
66
User Manual for NRSW version 4.8.0.102
Running in access-point mode you can create up to 2 SSIDs with each running their own network configuration. The networks can be individually bridged to a LAN interface or operate as dedicated interface in routing-mode.
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
LOGOUT
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 ©
2004-2020, NetModule AG
WLAN Access-Point Configuration
Interface
SSID
WLAN1
NB1600-Private
Security Mode WPA / Cipher
WPA-PSK
WPA + WPA2 / TKIP + CCMP
Figure 5.18.: WLAN Configuration
NG800
67
User Manual for NRSW version 4.8.0.102
This section can be used to configure security-related settings.
Parameter
WLAN Access-Point Configuration
SSID
The network name (called SSID)
Security mode
The desired security mode
WPA mode
WPA2 should be preferred over WPA1, running WPA/WPA2 mixedmode offers both.
WPA cipher
The WPA cipher to be used, the default is to run both (TKIP and CCMP)
Passphrase
The passphrase used for authentication with WPA-Personal.
Force PMF
Enables Protected Management Frames
Hide SSID
Hides the SSID
Isolate clients
Disables client-to-client communication
Band steering master
The WLAN interface which the client should be steered to
Opportunistic Wireless En- The WLAN interface for a seamless transition from an OPEN WLAN
cryption transition
to an OWE encrypted WLAN interface
Accounting
Sets accounting profile
The following security modes can be configured:
Parameter Off None WEP WPA-Personal
WPA-Enterprise
WPA-RADIUS
WPA-TLS
OWE
WLAN Security Modes
SSID is disabled
No authentication, provides an open network
WEP (is nowadays discouraged)
WPA-Personal (TKIP, CCMP), provides password-based authentication
WPA-Enterprise in AP mode, can be used to authenticate against a remote RADIUS
server which can be configured in chapter 5.8.2
EAP-PEAP/MSCHAPv2 in client mode, can be used to authenticate against a remote
RADIUS server which can be configured in chapter 5.8.2
EAP-TLS in client mode, performs authentication using certificates which can
be configured in chapter 5.8.8
Opportunistic Wireless Encryption alias Enhanced OPEN provides encryption WLAN
without any authentication
NG800
68
User Manual for NRSW version 4.8.0.102
Running in mesh point mode, it is possible to connect to one or more mesh points within the mesh network at the same time. The system will automatically join the wireless network, connect to the other mesh partners with the same ID and sercurtiy credentials. The authentication credentials have to be obtained by the operator of the mesh network.
Parameter
WLAN Mesh-Point Configuration
MESHID
The network name (called MESHID)
Security mode
The desired security mode
enable gate announcements To enable gate announcments for the mesh network
NG800
69
User Manual for NRSW version 4.8.0.102
The following security modes can be configured:
Parameter Off None SAE
WLAN Mesh-Point Security Modes MESHID is disabled No authentication, provides an open network SAE (Simultaneous Authentication of Equals) is a secure passwordbased authentication and key establishment protocol
NG800
70
User Manual for NRSW version 4.8.0.102
WLAN IP Settings
This section lets you configure the TCP/IP settings of your WLAN network. A
client and mesh point interface can be run over DHCP or with a statically
configured address and default gateway.
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 ©
2004-2020, NetModule AG
WLAN1 IP Settings Network mode: IP address: Netmask:
Apply
Continue
bridged routed 192.168.200.1 255.255.255.0
LOGOUT
Figure 5.19.: WLAN IP Configuration
The access point networks can be bridged to any LAN interface for letting WLAN clients and Ethernet hosts operate in the same subnet. However, for multiple SSIDs we strongly recommend to set up separated interfaces in routing-mode in order to avoid unwanted access and traffic between the interfaces. The corresponding DHCP server for each network can be configured in afterwards as described in chapter 5.7.2.
Parameter Network mode
Bridge interface
IP address / netmask
WLAN IP Settings
Choose whether the interface shall be operated bridged or in routingmode
If bridged, the LAN interface to which the WLAN network should be bridged
In routing-mode, the IP address and netmask for this WLAN network
NG800
71
User Manual for NRSW version 4.8.0.102
The following feature can be configured if the WLAN interface is bridged
Parameter IAPP Pre-auth
WLAN Bridging features
Enables the Inter-Access Point Protocol feature
Enables the pre-authentication mechanism for roaming clients (if supported by
the client). Pre-auth is only supported with WPA2Enterprise with CCMP
NG800
72
User Manual for NRSW version 4.8.0.102
5.3.5. Software Bridges
Software bridges can be used to bridge layer-2 devices like OpenVPN TAP, GRE
or WLAN interfaces without the need for a physical LAN interface.
Bridge Settings This page can be used to enable/disable software bridges. It
can be configured as follows:
Parameter Administrative status IP Address Netmask MTU
Bridge Settings
Enables or disables the bridge interface. If you need an interface to the
local system you need to define an IP address for the local device.
IP address of the local interface (available only if “Enabled with local
interface” was selected
Netmask of the local interface (available only if “Enabled with local
interface” was selected
Optional MTU size for the local interface (available only if “Enabled with
local interface” was selected
NG800
73
User Manual for NRSW version 4.8.0.102
5.3.6. Serial This page can be used to manage your serial ports. A serial port can be used by:
Parameter none login console
device server modem bridge modem emulator
SDK
Serial Port Usage
The serial port is not used
The serial port is used to open a console which can be accessed with a serial
terminal client from the other side. It will provide helpful bootup and kernel
messages and spawns a login shell, so that users can login to the system. If
more than one serial interface is available, one serial interface can be
configured as ‘login console’ at a time.
The serial port will be exposed over a TCP/IP port and can be used to
implement a Serial/IP gateway.
Bridges the serial interface to the Modem TTY of an intergrated WWAN Modem.
Emulates a classical AT command driven modem on the serial interface. See
http://wiki.netmodule.com/app-notes/hayes-modemat-simulator for detailed
information.
The serial port will be reserved for SDK scripts.
NG800
74
User Manual for NRSW version 4.8.0.102
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 ©
2004-2020, NetModule AG
Administration
Port Settings
SERIAL1 is used by:
Apply
Back
none login console device server modem emulator SDK
Figure 5.20.: Serial Port Administration
LOGOUT
NG800
75
User Manual for NRSW version 4.8.0.102
Running a device server, the following settings can be applied:
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges USB Serial Digital I/O GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 ©
2004-2020, NetModule AG
Administration
Port Settings
SERIAL1 Port Settings
Physical protocol: Baud rate: Data bits: Parity: Stop bits: Software flow
control: Hardware flow control: Server Configuration Protocol on IP port:
Port:
Timeout: Allow remote control (RFC 2217): Show banner:
Allow clients from:
Apply
RS232 115200 8 data bits None 1 stop bit None None
Telnet
2000
endless
numbered
600
everywhere specify
Figure 5.21.: Serial Port Settings
LOGOUT
Parameter Physical protocol Baud rate Data bits Parity Stop bits
NG800
Serial Settings Selects the desired physical protocol on the serial port Specifies the baud rate run on the serial port Specifies the number of data bits contained in each frame Specifies the parity used for every frame that is transmitted or received Specifies the number of stop bits used to indicate the end of a frame
76
User Manual for NRSW version 4.8.0.102
Parameter Software flow control
Hardware flow control Protocol on TCP/IP Port Timeout
Serial Settings
Defines the software flow control for the serial port, XOFF will send a stop,
XON a start character to the other end to control the rate of any incoming
data
You may enable RTS/CTS hardware flow control, so that the RTS and CTS lines
are used to control the flow of data
You may choose the IP protocols Telnet or TCP raw for the device server
The TCP port for the device server
The timeout until a client is declared as disconnected
Parameter Protocol on IP port Port Timeout
Allow remote control Show banner Stop bits Allow clients from
Server Settings Selects the desired IP protocol (TCP or Telnet) Specifies the TCP port on which the server will be available The time in seconds before the port will be disconnected if there is no activity on it. A zero value disables this function. Allow remote control (ala RFC 2217) of the serial port Show a banner when clients connect Specifies the number of stop bits used to indicate the end of a frame Specifies which clients are allowed to connect to the server
Please note that the device server does not provide authentication or
encryption and clients will be able connect from everywhere. Please consider
to restrict access to a limited network/host or block packets by using the
firewall.
When running the serial port as AT modem emulator the following settings can
be applied:
Parameter Physical protocol Baud rate Hardware flow control
Serial Port Settings Selects the desired physical protocol on the serial port Specifies the baud rate run on the serial port You may enable RTS/CTS hardware flow control, so that the RTS and CTS lines are used to control the flow of data
Parameter Port
Incoming connections via Telnet The TCP port for the device server
Parameter Number
Phonebook Entries Phone number that will get an alias
NG800
77
User Manual for NRSW version 4.8.0.102
Parameter IP address Port
Phonebook Entries IP address the number will become Port value for the IP address
NG800
78
User Manual for NRSW version 4.8.0.102
5.3.7. Bluetooth Low Energy
If a Bluetooth interface is available it can be used either with the SDK
scripting engine or forwarded to the Virtualization.
Bluetooth Settings This page can be used to assign the Bluetooth module either
to SDK or Virtualization or to turn Bluetooth functionality off. It can be
configured as follows:
Parameter Administrative status
Bluetooth Settings Enables the module for SDK or Virtualization
If you enable the module for SDK usage you need a SDK script that handles the
hardware interface. You can start advertising or scanning mode and setup
parameters via SDK. Please have a look at the SDK API for detailed
description.
If you enable the module for Virtualization there will be no interaction to
the module from the host system. It is in your responsibility to use it
correctly. Please refer to our examples and documentation in the public Wiki.
NG800
79
User Manual for NRSW version 4.8.0.102
5.3.8. GNSS
Configuration
The GNSS page lets you enable or disable the GNSS modules present in the
system and can be used to configure the daemon that can be used to share
access to receivers without contention or loss of data and to respond to
queries with a format that is substantially easier to parse than the NMEA 0183
emitted directly by the GNSS device.
We are currently running the Berlios GPS daemon (version 3.15), supporting the
new JSON format. Please navigate to http://www.catb.org/gpsd/ for getting more
information about how to connect any clients to the daemon remotely. The
position values can also be queried by the CLI and used in SDK scripts.
Parameter Administrative status Operation mode Antenna type Accuracy
Fix frame interval
GNSS Module Configuration
Enable or disable the GNSS module
The mode of operation, either standalone or assisted (for A-GPS)
The type of the connected GPS antenna, either passive or actively 3 volt
powered
The GNSS receiver compares the calculated position accuracy based on the
satellite information and compares it with this accuracy threshold in meters.
If the calculated position accuracy is better than the accuracy threshold, the
position is reported. Adjust this parameter to a higher threshold in case the
GNSS receiver does not report a position fix, or when it takes a long time to
calculate a fix. This could be caused when there is no clear sky view of the
GNSS antenna which is the case in tunnels, beside tall buildings, trees, and
so on.
The amount of time to wait between fix attempts
If the GNSS module does support AssistNow and the operation mode is assisted the following configuration can be done:
Parameter Primary URL Secondary URL
GNSS Assisted GPS Configuration The primary AssistNow URL The secondary AssistNow URL
Information about AssistNow: If you have a lot of devices in the field that use the AssistNow service, please consider creating your own AssistNow token at http://www. u-blox.com. If there are too many requests per time, the service may not work as expected. If you have further questions, please contact our support.
Parameter Server port
GNSS Server Configuration
The TCP port on which the daemon is listening for incoming connections
NG800
80
User Manual for NRSW version 4.8.0.102
Parameter Allow clients from
Clients start mode
GNSS Server Configuration
Specifies where clients can connect from, can be either everywhere or from a
specific network
Specifies how data transferal is accomplished when a client connects. You can
specify on request which typically requires an R to be sent. Data will be sent
instantly in case of raw mode which will provide NMEA frames or super-raw
which includes the original data of the GPS receiver. If the client supports
the JSON format (i.e. newer libgps is used) the json mode can be specified.
Please consider to restrict access to the server port, either by a specifying a dedicated client network or by using a firewall rule.
Information about Dead Reckoning: If you have a device which supports Dead Reckoning, please consult the GNSS Dead Reckoning installation guide for further information or please contact our support.
NG800
81
User Manual for NRSW version 4.8.0.102
Position This pages provides further information about the satellites in view and values derived from them:
Parameter Latitude Longitude Altitude Satellites in view Speed
Satellites used
Dilution of precision
GNSS Information The geographic coordinate specifying the north-south position The geographic coordinate specifying the east-west position The height above sea level of the current location The number of satellites in view as stated in GPGSV frames The horizontal and vertical speed in meter per second as stated in GPRMC frames The number of satellites used for calculating the position as stated in GPGGA frames The dilution of precision as stated in GPGSA frames
Furtheron, each satellite also comes with the following details:
Parameter PRN Elevation Azimuth SNR
GNSS Satellite Information
The PRN code of the satelitte (also referred as satellite ID) as stated in
GPGSA frames
The elevation (up-down angle between the dish pointing direction) in degrees
as stated in GPGSV frames
The azimuth (rotation around the vertical axis) in degrees as stated in GPGSV
frames
The SNR (Signal to Noise Ratio), often referred as signal strength
Please note that the values are shown as calculated by the daemon, their
accuracy might be suggestive.
Supervision
Parameter Administrative status Mode Max. downtime
Emergency action
GNSS Supervision
Enable or disable GNSS supervision
Specifies whether to monitor the NMEA stream or GPS fixes
The period of time without valid NMEA stream or GPS fix after which an
emergency action shall be taken
The corresponding emergency action. You can either let just restart the
server, which will also re-initialize the GPS function on the module, or reset
the module in severe cases. Please note that this may have effects on any
running WWAN/SMS services.
NG800
82
User Manual for NRSW version 4.8.0.102
5.4. ROUTING
5.4.1. Static Routes
This menu shows all routing entries of the system. They are typically formed
by an address/netmask couple (represented in IPv4 dotted decimal notation)
which specify the destination of a packet. The packets can be directed to
either a gateway or an interface or both. If interface is set to ANY, the
system will choose the route interface automatically, depending on the best
matching network configured for an interface.
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
LOGOUT
Static Routes Extended Routes Multipath Routes Multicast
IGMP Proxy Static Routes BGP OSPF Mobile IP Administration QoS Administration
Classification
Static Routes
This menu shows all routing entries of the system, they can consist of active and configured ones. The flags are as follows: (A)ctive, (P)ersistent, (H)ost Route, (N)etwork Route, (D)efault Route (Netmasks can be specified in CIDR notation)
Destination Netmask
Gateway
Interface Metric Flags
192.168.1.0 255.255.255.0 0.0.0.0
LAN1 0 AN
192.168.101.0 255.255.255.0 0.0.0.0
LAN1-1 0 AN
192.168.102.0 255.255.255.0 0.0.0.0
LAN1-2 0 AN
192.168.200.0 255.255.255.0 0.0.0.0
WLAN1 0 AN
Route lookup
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 ©
2004-2020, NetModule AG
Figure 5.22.: Static Routing
In general, host routes precede network routes and network routes precede
default routes. Additionally, a metric can be used to determine the priority
of a route, a packet will go in the direction with the lowest metric in case a
destination matches multiple routes. Netmasks can be specified in CIDR
notation (i.e. /24 expands to 255.255.255.0).
NG800
83
User Manual for NRSW version 4.8.0.102
Parameter Destination Netmask
Gateway Interface Metric Flags
Static Route Configuration
The destination address of a packet
The subnet mask which forms, in combination with the destination, the network
to be addressed. A single host can be specified by a netmask of
255.255.255.255, a default route corresponds to 0.0.0.0.
The next hop which operates as gateway for this network (can be omitted on
peer-to-peer links)
The network interface on which a packet will be transmitted in order to reach
the gateway or network behind it
The routing metric of the interface (default 0), higher metrics have the
effect of making a route less favorable
(A)ctive, (P)ersistent, (H)ost Route, (N)etwork Route, (D)efault Route
The flags obtain the following meanings:
Flag
Description
A
The route is considered active, it might be inactive if the interface for this route is not yet
up.
P
The route is persistent, which means it is a configured route, otherwise it corresponds to
an interface route.
H
The route is a host route, typically the netmask is set to 255.255.255.255.
N
The route is a network route, consisting of an address and netmask which forms the
subnet to be addressed.
D
The route is a default route, address and netmask are set to 0.0.0.0, thus matching any
packet.
Table 5.50.: Static Route Flags
NG800
84
User Manual for NRSW version 4.8.0.102
5.4.2. Extended Routing Extended routes can be used to perform policy-based routing, they generally precede static routes.
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
LOGOUT
Static Routes Extended Routes
Multipath Routes Multicast
IGMP Proxy Static Routes BGP OSPF Mobile IP Administration QoS Administration
Classification
Extended Routes
Extended routes can be used to perform policy-based routing. In general, they precede any other static routes.
Interface Source
Destination
TOS Route to
ANY
4.4.4.4/32
8.8.8.8/32
any WWAN1
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG
Figure 5.23.: Extended Routing
In contrast to static routes, extended routes can be made up, not only of a destination address/netmask, but also a source address/netmask, incoming interface and the type of service (TOS) of packets.
Parameter Source address Source netmask Destination address Destination
netmask Incoming interface Type of service Route to
discard if down
Extended Route Configuration The source address of a packet The source address of a packet The destination address of a packet The destination address of a packet The interface on which the packet enters the system The TOS value within the header of the packet Specifies the target interface or gateway to where the packet should get routed to Discard packets if the specified interface is down
NG800
85
User Manual for NRSW version 4.8.0.102
5.4.3. Multipath Routes
Multipath routes will perform weighted IP-session distribution for particular
subnets across multiple interfaces.
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
LOGOUT
Static Routes Extended Routes Multipath Routes Multicast
IGMP Proxy Static Routes BGP OSPF Mobile IP Administration QoS Administration
Classification
Multipath Routes Multipath routes will perform weighted IP-session distribution for particular subnets across multiple interfaces.
Destination 8.8.4.4/32
Distribution
WWAN1 (50%) LAN2 (50%)
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG
Figure 5.24.: Multipath Routes
At least two interfaces have to be defined to establish multipath routing. Additional interfaces can be added by pressing the plus sign.
Parameter Target network/netmask Interface Weight NextHop
Add Multipath Routes Defines the target network for which multipath routing shall be applied Selects the interface for one path Weight of the interface in relation to the others Overrides the default gateway of this interface
NG800
86
User Manual for NRSW version 4.8.0.102
5.4.4. Multicast
Multicast distributes IP packets to subscribers in a one-to-many relationship.
The subscribers use multicast messages to subscribe to a MCR group and receive
the data in form of multicast packets. Therefore the messages are sent by the
packet sink to the packet source. Multicast routing (MCR) is used to farward
multicast data from one network to another.
Attention: As multicast is used to send data from one source to several
destinations on the same network it is quite common for testing applications
to set the TTL of multicast packets to 1 to prevent the packets from spilling
into other networks. If you want to route multicast packets (that’s why it is
called MCR) you’ll have to make sure to send your data with a TTL > 1.
Multicast routing can be configured and managed by a daemon. Only one MCR
daemon can be used at a time.
NetModule routers ship with two different MCR daemons to select from depending
on your dependencies:
Parameter IGMP proxy
static routes
disabled
Administrative Status
Forwarding of multicast messages that are dynamically detected on a given
interface to another interface
List of MCR rules to forward messages of dedicated source and group from a
given interface to another
Disable routing of multicast messages
IGMP proxy IGMP proxy which is able to maintain multicast groups on a particular interface and distribute incoming multicast packets towards the downstream interfaces on which hosts have joined the groups.
Parameter Incoming interface
Sender network Sender netmask Distribute to
Multicast Routing Settings The upstream interface on which multicast groups
are joined and on which multicast packets come in
The multicast source network address
The multicast source network mask
Specifies the downstream interfaces to which multicast packets will be
forwarded
Static Routes Routes multicast packets in different directions depending on their origin and group based on a given set of MCR rules:
NG800
87
User Manual for NRSW version 4.8.0.102
Parameter Group Source Incoming interface Outgoing interface
Static Multicast Route IP address of MCR group Source-IP of the packets Interface to the packet source Interface to forward the packets to
NG800
88
User Manual for NRSW version 4.8.0.102
5.4.5. BGP
The BGP tab allows to set up peerings of the NetModule router with other Border Gateway Protocol enabled routers.
Parameter
BGP General Settings
Administrative status
Specifies whether the BGP routing protocol is active
Router ID
Optionally the router ID can be defined in form of a dotted IPv4 representation like 1.2.3.4. If the ID is omitted, the BGP daemon will try to determine a valid value or fall back to 0.0.0.0
AS number
The number of the autonomous system to which the NetModule router belongs (1-4294967295)
Redistribute routes
connected Redistribute routes to networks which are directly connected to the NetModule router
Redistribute local routes
Redistribute routes from the NetModule router’s own routing table
Redistribute OSPF routes Redistribute routes learned via the OSPF routing protocol
Disable when redundancy Disables the BGP protocol when the router is set to slave mode by
backup
the VRRP redundancy protocol
Keepalive timer
The interval in seconds of sending keepalive message
Holddown timer
The time in seconds how long the router will wait for incomming BGP messages until the router will assume the neighbor is dead
The neighbors tab is used to configure all the BGP routers to peer with.
Parameter IP address As number Password
Multihop
Address Family
Weight
BGP Neighbors IP address of the peer router
Autonomous system number of the peer router (1-4294967295)
Password for authentication with the peer router. If left blank authentication
is disabled.
Allow multiple hops between this router and the peer router instead of
requiring the peer to be directly connected.
Select whether ipv4-unicast or l2vpn-evpn address family shall be enabled
This parameter specifies the default weight for the neighbor route
The Networks tab allows to add IP network prefixes that shall be distributed via BGP in addition to the networks that are redistributed from other sources as defined on the general tab.
Parameter Prefix
BGP Networks Prefix of the network to be distributed
NG800
89
User Manual for NRSW version 4.8.0.102
Parameter Prefix length
BGP Networks Length of the prefix to be distributed
NG800
90
User Manual for NRSW version 4.8.0.102
5.4.6. OSPF
The OSPF menu allows the NetModule router to be added to a network of OSPF routers.
Parameter
OSPF General Settings
Administrative status
Specifies whether the OSPF routing protocol is active
Router ID
The router-id is a unique identity to the NetModule router. If no routerid is specified, the system will automatically choose the highest IP address as the router-id.
Redistribute routes
connected Redistribute routes to networks which are directly connected to the NetModule router
Redistribute local routes
Redistribute routes from the NetModule router’s own routing table
Redistribute BGP routes
Redistribute routes learned via the BGP routing protocol
Redistribute default route Redistribute the routers default route
Disable when redundancy Disables the OSPF protocol when the router is set to slave mode by
backup
the VRRP redundancy protocol
The interfaces tab is used to define OSPF specific settings for the IP interfaces of the router. If no settings are defined for a specific interface, default settings will be used.
Parameter Interface Authentication
Key Key ID Cost
Passive
OSPF Interfaces The name of the interface for which settings shall be defined The authentication protocol to be used on the interface to authenticate OSPF packets The key to be used for authentication The ID of the key to be used for authentication (1-255) The cost for sending packets via this interface. If not specified or set to 0 OSPF defaults are used. Do not send out OSPF packets on this interface
The networks tab defines the IP networks to be handled in OSPF as well as to which routing area they belong.
Parameter Prefix Prefix length Area
OSPF Networks Prefix of the network Length of the prefix Routing area to which this interface belongs (0-65535, 0 means backbone)
NG800
91
User Manual for NRSW version 4.8.0.102
5.4.7. Mobile IP
Mobile IP (MIP) can be used to enable seamless switching between different
kinds of WAN links (e.g. WWAN/WLAN). The mobile node hereby remains reachable
via the same IP address (home address) at any time, independently of the WAN
link being used. Effectively, any WAN link switch causes very small outages
during switchover while keeping all IP connections alive.
Moreover, NetModule routers also support NAT-Traversal for mobile nodes running behind a firewall (performing NAT), which makes mobile nodes even there accessible from a central office via their home address, and thus, bypassing any complicated VPN setups.
The home agent accomplishes this by establishing a tunnel (similar to a VPN tunnel) between itself and the mobile node. WAN link switching works by telling the home agent that the WAN IP address (called the care-of address in MIP terms) of the mobile node has changed. The home agent will then encapsulate packets destined to a mobile node’s home address into a tunnel packet containing the current care-of address of the mobile node as its destination address.
To prevent problems with firewalls and private IP addressing, the MIP implementation always employs reverse tunneling, which means that all traffic sent by a mobile node is relayed via the tunnel to the home agent instead of directly being conveyed to the final destination. This fact also empowers MIP to be used as a lightweight VPN replacement (without payload secrecy).
The MIP implementation supports RFCs 3344, 5177, 3024 and 3519. For applications requiring vast numbers of mobile nodes, interoperability with the Cisco 2900 Series home agent implementation has been verified. However, since NetModule routers implement a mobile node as well as a home agent, a MIP network with up to 10 mobile nodes can be implemented without requiring expensive third party routers.
If MIP is run as a mobile node, the following settings can be configured:
Parameter
Mobile IP Configuration
Primary home agent ad- The address of the primary home agent dress
Secondary home agent ad- The address of the secondary home agent. The mobile node will try to
dress
register with this home agent, if the primary home agent is not reach-
able.
Home address
The permanent home address of the mobile node which can be used to reach the mobile router at any time.
SPI
The Security Parameter Index (SPI) identifying the security context for
the mobile IP tunnel between the mobile node and the home agent.
This is used to distinguish mobile nodes from each other. Therefore
each mobile node needs to be assigned a unique SPI. This is a 32-bit
hexadecimal value.
Authentication type
The used authentication algorithm. This can be prefix-suffix-md5 (default for MIP) or hmac-md5.
NG800
92
User Manual for NRSW version 4.8.0.102
Parameter Shared secret
Life time MTU UDP encapsulation Mobile network address
Mobile network mask
Mobile IP Configuration
The shared secret used for authentication of the mobile node at the home
agent. This can be either a 128-bit hexadecimal value or a random length ASCII
string.
The lifetime of security associations in seconds.
The maximum transmission unit in byte, default value 1468.
Specifies whether UDP encapsulation shall be used or not. To allow NAT
traversal, UDP encapsulation must be enabled.
Optionally specifies a subnet which should be routed to the mobile node. This
information is forwarded via Network Mobility (NEMO) extensions to the home
agent. The home agent can then automatically add IP routes to the subnet via
the mobile node. Note that this feature is not supported by all third party
home agent implementations.
The network mask for the optional routed network.
NG800
93
User Manual for NRSW version 4.8.0.102
If MIP is run as a home agent, you will have to set up a home address and network mask for the home agent first. Then you will need to add the configuration for all mobile nodes which is made up of the following settings:
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
LOGO
References
- autorun.sh
- My Dyn Account
- NetModule | Robust Communication
- Licenses – Open Source Initiative
- Home | u-blox
- app-notes:hayes-modem [NetModule Router Wiki]
- app-notes:hayes-modem-at-simulator [NetModule Router Wiki]
- GPSD redirection page
- The FreeBSD Project
- The GNU Operating System and the Free Software Movement
- GNU General Public License v2.0 - GNU Project - Free Software Foundation
- gnu.org/licenses/gpl-2.0.txt
- gnu.org/licenses/lgpl.txt
- netfilter/iptables project homepage - The netfilter.org project
- /index.html
- /index.html
- Business VPN For Secure Networking | OpenVPN
- PHP: Hypertext Preprocessor
- Home | u-blox
- Wireshark · Go Deep
- Support | NetModule
- Support | NetModule
- Login required - ITxPT Wiki
- start [NetModule Router Wiki]
- NetModule | Robust Communication
- Downloads | Router Software | NetModule