NETMODULE NB3800 Series NB3800-2LD2WAC-G Railway Router User Manual

NB3800 Series NB3800-2LD2WAC-G Railway Router

NetModule Router NB3800
User Manual for Software Version 4.3
Manual Version 1.12
NetModule AG, Switzerland August 3, 2021

NB3800 User Manual for NRSW version 4.3

NetModule Router NB3800
This manual covers all variants of the NB3800 product type.
The specifications and information regarding the products in this manual are subject to change without notice. We would like to point out that NetModule makes no representation or warranties with respect to the contents herein and shall not be responsible for any loss or damage caused to the user by the direct or indirect use of this information This document may contain information about third party products or processes. Such third party information is generally out of influence of NetModule and therefore NetModule shall not be responsible for the correctness or legitimacy of this information. Users must take full responsibility for their application of any products.

Copyright ©2021 NetModule AG, Switzerland All rights reserved

This document contains proprietary information of NetModule. No parts of the work described herein may be reproduced. Reverse engineering of the hardware or software is prohibited and protected by patent law. This material or any portion of it may not be copied in any form or by any means, stored in a retrieval system, adopted or transmitted in any form or by any means (electronic, mechanical, photographic, graphic, optic or otherwise), or translated in any language or computer language without the prior written permission of NetModule.
A large amount of the source code to this product is available under licenses which are both free and open source. Most of it is covered by the GNU General Public License which can be obtained from www.gnu.org. The remainder of the open source software which is not under the GPL, is usually available under one of a variety of more permissive licenses. A detailed license information for a particular software package can be provided on request.
All other products or company names mentioned herein are used for identification purposes only and may be trademarks or registered trademarks of their respective owners. The following description of software, hardware or process of NetModule or other third party provider may be included with your product and will be subject to the software, hardware or other license agreements.

Contact
www.netmodule.com/support

NetModule AG Maulbeerstrasse 10 CH-3011 Bern Switzerland

Tel +41 31 985 25 10 Fax +41 31 985 25 11 info@netmodule.com http://www.netmodule.com

2

NB3800 User Manual for NRSW version 4.3
Contents
1. Welcome to NetModule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2. Conformity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.1. Safety Instructions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 2.2. Declaration of Conformity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 2.3. Waste Disposal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 2.4. National Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 2.5. Open Source Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 3. Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 3.1. Appearance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 3.2. Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 3.3. Environmental Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 3.4. Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
3.4.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 3.4.2. Default LED Indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 3.4.3. Reset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 3.4.4. Mobile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 3.4.5. WLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 3.4.6. GNSS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 3.4.7. USB 2.0 Host Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3.4.8. M12 Ethernet Connectors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3.4.9. Power Supply . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 3.4.10.Extension Connector . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 3.5. Data Storage (Option Dx) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 4. Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 4.1. Installation of the Mini-SIM Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 4.2. Installation of the GSM/UMTS/LTE Antenna . . . . . . . . . . . . . . . . . . . . . . . . 33 4.3. Installation of the WLAN Antennas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 4.4. Installation of the GNSS Antenna . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 4.5. Installation of the Local Area Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 4.6. Installation of the Power Supply . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 4.7. Installation of the Audio Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 5. Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 5.1. First Steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 5.1.1. Initial Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 5.1.2. Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 5.2. HOME . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 5.3. INTERFACES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 5.3.1. WAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 5.3.2. Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 5.3.3. Mobile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 5.3.4. WLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 5.3.5. Software Bridges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 5.3.6. USB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72 5.3.7. Serial Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 5.3.8. Audio . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 5.3.9. GNSS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
3

NB3800 User Manual for NRSW version 4.3
5.4. ROUTING . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84 5.4.1. Static Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84 5.4.2. Extended Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86 5.4.3. Multipath Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 5.4.4. Mobile IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88 5.4.5. Quality Of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 5.4.6. Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94 5.4.7. OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 5.4.8. BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
5.5. FIREWALL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 5.5.1. Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 5.5.2. Adress/Port Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 5.5.3. Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 5.5.4. NAPT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
5.6. VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 5.6.1. OpenVPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 5.6.2. IPsec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109 5.6.3. PPTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115 5.6.4. GRE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118 5.6.5. L2TP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 5.6.6. Dial-In . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
5.7. SERVICES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 5.7.1. SDK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 5.7.2. DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 5.7.3. DNS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133 5.7.4. NTP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136 5.7.5. Dynamic DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137 5.7.6. E-Mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139 5.7.7. Events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 5.7.8. SMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142 5.7.9. SSH/Telnet Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144 5.7.10.SNMP Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146 5.7.11.Web Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151 5.7.12.Softflow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152 5.7.13.Discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 5.7.14.Redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154 5.7.15.Voice Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
5.8. SYSTEM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161 5.8.1. System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161 5.8.2. Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 5.8.3. Software Update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169 5.8.4. Module Firmware Update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170 5.8.5. Software Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171 5.8.6. Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172 5.8.7. Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175 5.8.8. Keys and Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178 5.8.9. Licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183 5.8.10.Legal Notice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184
5.9. LOGOUT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
4

NB3800 User Manual for NRSW version 4.3
6. Command Line Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186 6.1. General Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186 6.2. Print Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 6.3. Getting Config Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 6.4. Setting Config Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 6.5. Checking Config Completed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 6.6. Getting Status Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 6.7. Scanning Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189 6.8. Sending E-Mail or SMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189 6.9. Updating System Facilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189 6.10. Manage keys and certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190 6.11. Restarting Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190 6.12. Debug System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191 6.13. Resetting System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192 6.14. Rebooting System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192 6.15. Running Shell Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192 6.16. Working with History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192 6.17. CLI-PHP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
A. Appendix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198 A.1. Abbrevations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198 A.2. System Events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199 A.3. Factory Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 A.4. SNMP VENDOR MIB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203 A.5. SDK Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
5

NB3800 User Manual for NRSW version 4.3
List of Figures
5.1. Initial Login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 5.2. Home . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 5.3. WAN Links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 5.4. WAN Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47 5.5. Link Supervision . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 5.6. Ethernet Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 5.7. Ethernet Link Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 5.8. VLAN Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 5.9. LAN IP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 5.10. SIMs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 5.11. WWAN Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 5.12. WLAN Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 5.13. WLAN Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 5.14. WLAN IP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 5.15. USB Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72 5.16. USB Device Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73 5.17. Serial Port Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76 5.18. Serial Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77 5.19. Static Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84 5.20. Extended Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86 5.21. Multipath Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 5.22. Mobile IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90 5.23. Firewall Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 5.24. Firewall Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 5.25. Masquerading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100 5.26. Inbound NAPT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 5.27. OpenVPN Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 5.28. OpenVPN Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104 5.29. OpenVPN Client Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108 5.30. IPsec Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110 5.31. IPsec Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111 5.32. PPTP Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115 5.33. PPTP Tunnel Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116 5.34. PPTP Client Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117 5.35. Dial-in Server Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120 5.36. SDK Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126 5.37. SDK Jobs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127 5.38. DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 5.39. DNS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133 5.40. NTP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136 5.41. Dynamic DNS Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137 5.42. E-Mail Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139 5.43. SMS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142 5.44. SSH and Telnet Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144 5.45. SNMP Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 5.46. Web Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
6

NB3800 User Manual for NRSW version 4.3
5.47. VRRP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154 5.48. Voice Gateway Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156 5.49. System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161 5.50. Regional settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163 5.51. User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 5.52. Remote Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168 5.53. Manual File Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172 5.54. Automatic File Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 5.55. Factory Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174 5.56. Log Viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176 5.57. Tech Support File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 5.58. Keys and certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178 5.59. Certificate Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180 5.60. Licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
7

NB3800 User Manual for NRSW version 4.3
List of Tables
3.1. Environmental Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 3.2. NB3800 Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 3.3. NB3800 Status Indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 3.4. Ethernet Status Indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 3.5. Mobile Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 3.6. Mobile Antenna Port Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 3.7. IEEE 802.11 Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 3.8. WLAN Antenna Port Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 3.9. GNSS Specifications option G . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 3.10. GNSS Specifications option Gd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 3.11. GNSS / GPS Antenna Port Specification . . . . . . . . . . . . . . . . . . . . . . . . . . 19 3.12. USB 2.0 Host Port Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3.13. Ethernet Port Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3.14. Pin Assignments of 4 Poles Ethernet Connectors . . . . . . . . . . . . . . . . . . . . . 20 3.15. Pin Assignments of 8 Poles Ethernet Connectors . . . . . . . . . . . . . . . . . . . . . 21 3.16. Power Input Specifications Variant Pa . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 3.17. Power Input Specifications Variant Pb . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 3.18. Pin Assignments of Power Connector . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 3.19. Pin Assignments of Digital Inputs and Outputs . . . . . . . . . . . . . . . . . . . . . . . 23 3.20. Audio Port Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 3.21. Pin Assignments of Audio Port Signals (EP1 / EP2) . . . . . . . . . . . . . . . . . . . . 24 3.22. CAN Port Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 3.23. Pin Assignments of CAN Port Signals (EP1 / EP2) . . . . . . . . . . . . . . . . . . . . 25 3.24. IBIS Port Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 3.25. Pin Assignments of IBIS Port Signals (EP1 / EP2) . . . . . . . . . . . . . . . . . . . . . 26 3.26. Non- isolated RS-232 Port Specification . . . . . . . . . . . . . . . . . . . . . . . . . . 27 3.27. Pin Assignments of RS-232 Port Signals (EP1 / EP2) . . . . . . . . . . . . . . . . . . . 27 3.28. Isolated RS-232 Port Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 3.29. Pin Assignments of RS-232 Port Signals (EP1 and EP2) . . . . . . . . . . . . . . . . . 28 3.30. RS-485 Port Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 3.31. Pin Assignments of RS-485 Port Signals (EP1 / EP2) . . . . . . . . . . . . . . . . . . . 29 3.32. Common Digital I/O Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 3.33. Isolated Digital Input Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 3.34. Isolated Digital Output Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 3.35. Pin Assignments of variant with two DIO Ports . . . . . . . . . . . . . . . . . . . . . . . 31 3.36. Storage Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
4.1. LTE/UMTS antenna port types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 4.2. WLAN antenna port types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
5.20. IEEE 802.11 Network Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 5.47. Static Route Flags . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 5.94. SMS Control Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130 5.104. SMS Number Expressions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143 5.147. Certificate Sections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179 5.148. Certificate Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
8

NB3800 User Manual for NRSW version 4.3
A.1. Abbreviations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199 A.2. System Events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201 A.3. SDK Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206
9

NB3800 User Manual for NRSW version 4.3
1. Welcome to NetModule
Thank you for purchasing a NetModule Router. This document should give you an introduction to the router and its features. The following chapters describe any aspects of commissioning the device, installation procedure and provide helpful information towards configuration and maintenance. Please find further imformation such as sample SDK script or configuration samples in our wiki on http://wiki.netmodule.com.
10

NB3800 User Manual for NRSW version 4.3
2. Conformity
This chapter provides general information for putting the router into operation.
2.1. Safety Instructions
Please carefully observe all safety instructions in the manual that are marked with the symbol . Compliance information: The NetModule routers must be used in compliance with any and all applicable national and international laws and with any special restrictions regulating the utilization of the communication module in prescribed applications and environments. Information about the accessories / changes to the device: ­ Please only use original accessories to prevent injuries and health risks. ­ Changes made to the device or the use of non-authorized accessories will render the warranty null and void and potentially invalidate the operating license. ­ NetModule routers must not be opened (SIM cards may be used according to the instructions).
11

NB3800 User Manual for NRSW version 4.3
Information about the device interfaces: ­ All systems that are connected to the NetModule router interfaces must meet the
requirements for SELV (Safety Extra Low Voltage) systems. ­ Interconnections must not leave the building nor penetrate the body shell of a vehicle. ­ Connections for antennas may only exit the building or the vehicle hull if transient
overvoltages (according to IEC 62368-1) are limited by external protection circuits down to 1 500 Vpeak. All other connections must remain within the building or the vehicle hull. ­ Always keep a distance of more than 40 cm from the antenna in order to reduce exposure to electromagnetic fields below the legal limits. ­ Devices with a WLAN interface may be operated only with applicable Regulatory Domain configured. Special attention must be paid to country, number of antennas and the antenna gain (see also chapter 5.3.4). The maximum allowed gain is 3dBi in the relevant frequency range. WLAN antennas with a higher amplification may be used with the NetModule router “Enhanced- RF-Configuration” software license and the antenna gain and cable attenuation that have been correctly configured by certified specialized personnel. A misconfiguration will lead to loss of the approval. ­ Cellular antennas attached to the router must have an antenna gain of equal or less than 2.5 dBi. The user is responsible for the compliance with the legal regulations. ­ Only CE-compliant power supplies with a current-limited SELV output voltage range may be used with the NetModule routers.1
General safety instructions: ­ Observe the usage limitations of radio units at filling stations, in chemical plants, in
systems with explosives or potentially explosive locations. ­ The devices may not be used in airplanes. ­ Exercise particular caution near personal medical aids, such as pacemakers and hear-
ing aids. ­ The NetModule routers may also cause interference in the nearer distance of TV sets,
radio receivers and personal computers. ­ Never perform work on the antenna system during a thunderstorm. ­ The devices are generally designed for normal indoor use. Do not expose the devices
to extraordinary environmental conditions worse than IP40. ­ Protect them against aggressive chemical atmospheres and humidity or temperatures
outside specifications. ­ We highly recommended creating a copy of a working system configuration. It can be
easily applied to a newer software release afterwards.
1Note: Power supplies for routers with the Pb option (72-110 VDC) cannot be a SELV circuit, since the voltage is greater than 60 VDC.
12

NB3800 User Manual for NRSW version 4.3
2.2. Declaration of Conformity
NetModule hereby declares that under our own responsibility that the routers comply with the relevant standards following the provisions of the RED Directive 2014/53/EU. The signed version of the Declaration of Conformity can be obtained from http://www.netmodule.com/downloads
2.3. Waste Disposal
In accordance with the requirements of the Council Directive 2012/19/EU regarding Waste Electrical and Electronic Equipment (WEEE), you are urged to ensure that this product will be segregated from other waste at end-of-life and delivered to the WEEE collection system in your country for proper recycling.
2.4. National Restrictions
This product may be generally used in all EU countries (and other countries following the RED Directive 2014/53/EU) without any limitation. Please refer to our WLAN Regulatory Database for getting further national radio interface regulations and requirements for a particular country.
13

NB3800 User Manual for NRSW version 4.3
2.5. Open Source Software
We inform you that NetModule products may contain in part open-source software. We are distributing such open-source software to you under the terms of GNU General Public License (GPL)2, GNU Lesser General Public License (LGPL)3 or other open-source licenses4. These licenses allow you to run, copy, distribute, study, change and improve any software covered by GPL, Lesser GPL, or other open-source licenses without any restrictions from us or our end user license agreement on what you may do with that software. Unless required by applicable law or agreed to in writing, software distributed under open-source licenses is distributed on an “AS IS” basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. To obtain the corresponding open source codes covered by these licenses, please contact our technical support at router@support.netmodule.com.
Acknowledgements This product includes:
­ PHP, freely available from http://www.php.net ­ Software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org) ­ Cryptographic software written by Eric Young (eay@cryptsoft.com) ­ Software written by Tim Hudson (tjh@cryptsoft.com) ­ Software written Jean-loup Gailly and Mark Adler ­ MD5 Message-Digest Algorithm by RSA Data Security, Inc. ­ An implementation of the AES encryption algorithm based on code released by Dr Brian Glad-
man ­ Multiple-precision arithmetic code originally written by David Ireland ­ Software from The FreeBSD Project (http://www.freebsd.org)
2Please find the GPL text under http://www.gnu.org/licenses/gpl-2.0.txt 3Please find the LGPL text under http://www.gnu.org/licenses/lgpl.txt 4Please find the license texts of OSI licenses (ISC License, MIT License, PHP License v3.0, zlib License) under
http://opensource.org/licenses
14

NB3800 User Manual for NRSW version 4.3
3. Specifications
3.1. Appearance
3.2. Features
All models of NB3800 have the following standard functionalities: ­ Galvanically isolated power supply ­ 2x Gbit Ethernet ports (M12, x-coded) ­ 3x Fast Ethernet ports (M12, d-coded) ­ 1x USB 2.0 host port ­ 4x mini SIM card slots ­ 1x Extension port
The NB3800 can be equipped with the following options: ­ LTE, UMTS, GSM ­ WLAN IEEE 802.11 ­ GPS/GNSS ­ GSM-R ­ RS-232 ­ RS-485
15

NB3800 User Manual for NRSW version 4.3

­ IBIS ­ CAN ­ Audio ­ 1 TB internal storage ­ Software Keys
Due to its modular approach, the NB3800 router and its hardware components can be arbitrarily assembled according to its indented usage or application. Please contact us in case of special project requirements.

3.3. Environmental Conditions

Parameter Input Voltage (Variant Pa) Input Voltage (Variant Pb) Operating Temperature Range
Storage Temperature Range Humidity Altitude (Variant Pa) Altitude (Variant Pb) Over-Voltage Category Pollution Degree Ingress Protection Rating

Rating
24 VDC to 48 VDC (-30% / +30%)
72 VDC to 110 VDC (-30% / +30%)
24-48 VDC: EN50155 TX (-40 C to +70 C) with max. 4 radio modules 24-48 VDC: EN50155 T1 (-25 C to +55 C) with max. 6 radio modules 72-110 VDC: EN50155 TX (-40 C to +70 C) with max. 4 radio modules 72-110 VDC: EN50155 T2 (-40 C to +55 C) with max. 5 radio modules
-40 C to +85 C
0 to 95% (non-condensing)
up to 4000m
up to 2000m
I
2
IP40 (with SIM and USB covers mounted)

Table 3.1.: Environmental Conditions

Attention: When using the Pb variant with an input voltage higher than 60 VDC, the router MUST be connected to an earth protection.

16

NB3800 User Manual for NRSW version 4.3
3.4. Interfaces
3.4.1. Overview

Nr. Label 1 LED Indicators 2 Reset 3 SIM 1-4 4 USB 5 ETH 1-3 6 ETH 4-5 7 GNSS 8
9 PWR

Function LED Indicators for the different interfaces Reboot and factory reset button SIM 1-4, they can be assigned dynamically to any modem by configuration. USB 2.0 host port, can be used for software/configuration updates. FastEthernet switch ports, can be used as LAN or WAN interface. Gigabit Ethernet switch ports, can be used as LAN or WAN interface. TNC female connector for GPS/GLONASS antenna
Earth protection connector, connected to the ground of the power supply VGND. If used, connect a yellow-green marked cable with at least 6mm2 copper area. Avoid corrosion and protect the screws against loosening. Power supply (galvanically isolated)

17

NB3800 User Manual for NRSW version 4.3

Nr. Label 10 MOB 1 11 EXT 12 MOB 2 13 MOB 3 14 MOB 4/ WLAN 2 15 MOB 5/ WLAN 1

Function TNC female connectors for MIMO mobile antenna 1 Galvanically isolated extension port M12 connector TNC female connectors for MIMO mobile antenna 2 TNC female connectors for MIMO mobile antenna 3 TNC female connectors for MIMO Mobile/WLAN antenna TTNC female connectors for MIMO Mobile/WLAN antenna

Table 3.2.: NB3800 Interfaces

3.4.2. Default LED Indicators

Status LEDs The following table describes the NB3800 status indicators.

Label STAT

Color

MOB1 MOB2 WLAN1 WLAN2 GNSS Voice

[1] [1] [1] [1]

State blinking
on on on blinking off on blinking off on blinking off on blinking off on blinking off on off

Function The device is busy due to startup, software or configuration update. The device is ready. The captions of the top bank apply. The device is ready. The captions of the bottom bank apply. Mobile connection 1 is up. Mobile connection 1 is being established. Mobile connection 1 is down. Mobile connection 2 is up. Mobile connection 2 is being established. Mobile connection 2 is down. WLAN connection 1 is up. WLAN connection 1 is being established. WLAN connection 1 is down. WLAN connection 2 is up. WLAN connection 2 is being established. WLAN conne ction 2 is down. GNSS is turned on and a valid NMEA stream is available. GNSS is searching for satellites. GNSS is turned off or no valid NMEA stream is available. A voice call is currently active. No voice call is active.

18

NB3800 User Manual for NRSW version 4.3

Label

Color

State Function

USR1

on

User defined.

off

User defined.

USR2

on

User defined.

off

User defined.

USR3

on

User defined.

off

User defined.

USR5

on

User defined.

off

User defined.

USR5

on

User defined.

off

User defined.

EXT1

on

Extension port 1 is on.

off

Extension port 1 is off.

EXT2

on

Extension port 2 is on.

off

Extension port 2 is off.

[1] The color of the LED represents the signal quality for wireless links.

red means low

yellow means moderate

green means good or excellent

Table 3.3.: NB3800 Status Indicators

Ethernet LEDs The following table describes the Ethernet status indicators.

Label ETH1-5

Color

State on
blinking off

Function Link on (10 Mbit/s, 100 Mbit/s or 1000 Mbit/s) Activity no Link

Table 3.4.: Ethernet Status Indicators

19

NB3800 User Manual for NRSW version 4.3 3.4.3. Reset The reset button has two functions:
1. Reboot the system: Press at least 3 seconds to release a system reboot. The reboot is indicated with the red blinking STAT LED.
2. Factory reset: Press at least 10 seconds to release a factory reset. The start of the factory reset is confirmed by all LEDs lighting up for a second.
20

NB3800 User Manual for NRSW version 4.3

3.4.4. Mobile
The various variants of the NB3800 support up to 4 WWAN modules for mobile communication. The LTE modules support 2×2 MIMO.

Standard

Bands

EDGE/GPRS/GSM

B5(850), B8(900), B3(1800), B2(1900)

DC-HSPA+/UMTS

B5(850), B8(900), B2(1900), B1(2100)

LTE, UMTS, GSM Modem for B1(2100), B3(1800), B5(850), B7(2600), B8(900), B20(800) EMEA (Cat. 4)

LTE Advanced, EMEA (Cat. 6)

UMTS

for B30 (2300 WCS), B41 (TDD 2500), B29 (US 700de Lower), B26 (US 850 Ext), B25 (1900), B5 (850), B20 (800DD), B13 (700c), B12 (700ac), B7 (2600), B4 (AWS), B3 (1800), B2 (1900), B1 (2100)

Table 3.5.: Mobile Interface Note: This enumeration is not meant to be exhaustive.

The mobile antenna ports have the following specification:

Feature

Specification

Max. allowed cable length

30 m

Max. allowed antenna gain including cable attenuation

2.5 dBi

Min. distance between collocated ra- 20 cm dio transmitter antennas (Example: MOB1 to MOB2)

Min. distance between people and an- 40 cm tenna

Connector type

TNC

Table 3.6.: Mobile Antenna Port Specification

21

NB3800 User Manual for NRSW version 4.3

3.4.5. WLAN The variants of the NB3800 support up to 2 802.11 a/b/g/n/ac WLAN modules.

Standard 802.11a 802.11b 802.11g 802.11n 802.11ac

Frequencies 5 GHz 2.4 GHz 2.4 GHz 2.4/5 GHz 5 GHz

Bandwidth 20 MHz 20 MHz 20 MHz 20/40 MHz 20/40/80 MHz

Data Rate 54 Mbit/s 11 Mbit/s 54 Mbit/s 300 Mbit/s 866.7 Mbit/s

Table 3.7.: IEEE 802.11 Standards

Note: 802.11n and 802.11ac support 2×2 MIMO

The WLAN antenna ports have the following specification:

Feature

Specification

Max. allowed cable length

30 m

Max. allowed antenna gain including cable attenuation

3.0 dBi1

Min. distance between collocated ra- 20 cm dio transmitter antennas (Example: WLAN1 to MOB1)

Min. distance between people and an- 40 cm tenna

Connector type

TNC

Table 3.8.: WLAN Antenna Port Specification

1Note: WLAN antennas with a higher amplification may be used with the NetModule router “Enhanced-RF-Configuration” software license and the antenna gain and cable attenuation that have been correctly configured by certified specialized personnel.
22

NB3800 User Manual for NRSW version 4.3

3.4.6. GNSS GNSS (Option G) The GNSS is used from a WWAN Module.

Feature Systems
Data stream Tracking sensitivity Supported antennas

Specification GPS/GLONASS, (GALILEO/BEIDOU depending on module) JSON or NMEA Up to -165 dBm Active and passive

Table 3.9.: GNSS Specifications option G

GNSS (Option Gd) The GNSS module supports Dead Reckoning with onboard 3D accelerometer and 3D gyroscope.

Feature Systems Data stream Channels Tracking sensitivity Accuracy Dead Reckoning Modes
Supported antennas

Specification GPS/GLONASS/BeiDu/Galileo ready NMEA or UBX 72 Up to -160 dBm Up to2.5m CEP UDR: Untethered Dead Reckoning ADR: Automotive Dead Reckoning Active and passive

Table 3.10.: GNSS Specifications option Gd

The GNSS antenna port have the following specification:

Feature

Specification

Max. allowed cable length

30 m

Max. allowed antenna gain

3.0 dBi

Min. distance between collocated ra- 20 cm dio transmitter antennas (Example: WLAN1 to MOB1)

Connector type

TNC

Table 3.11.: GNSS / GPS Antenna Port Specification

23

NB3800 User Manual for NRSW version 4.3

3.4.7. USB 2.0 Host Port The USB 2.0 host port has the following specification:

Feature Speed Current Max. cable length Cable shield Connector type

Specification Low, Full & Hi-Speed max. 500 mA 3m mandatory Type A

Table 3.12.: USB 2.0 Host Port Specification

3.4.8. M12 Ethernet Connectors

Specification

Feature Isolation to enclosure Speed
Mode Crossover Max. cable length Cable type Cable shield Connector type

Specification 1500 VDC Fast Ethernet: 10/100 Mbit/s Gigabit Ethernet: 10/100/1000 Mbit/s Half- & Full-Duplex Automatic MDI/MDI-X 100 m CAT5e or better mandatory Fast Ethernet: M12 d-coded Gigabit Ethernet: M12 x-coded

Table 3.13.: Ethernet Port Specification

Pin Assignment on M12, 4 poles, D-coded female

Pin Signal 1 Tx+ 2 Rx+ 3 Tx- 4 Rx-

Pinning

Table 3.14.: Pin Assignments of 4 Poles Ethernet Connectors

24

NB3800 User Manual for NRSW version 4.3

Pin Assignment on M12, 8 poles, X-coded female

Pin Signal 1 M1+ / DA+ 2 M1- / DA- 3 M0+ / DB+ 4 M0- / DB- 5 M2+ / DD+ 6 M2- / DD- 7 M3- / DC- 8 M3+ / DC+

Pinning

Table 3.15.: Pin Assignments of 8 Poles Ethernet Connectors

3.4.9. Power Supply

Standard variant Pa (24 VDC to 48 VDC) The power input has the following specifications:

Feature Power supply nominal voltages
Voltage range Max. power consumption Typ. Inrush-Current-Integral
Max. cable length Cable shield Galvanic isolation
Power interruption
Supply change over Connector type

Specification
24 VDC, 36 VDC and 48 VDC (according to EN 50155)
24 VDC to 48 VDC (-30% / +30%)
25 W 0.23 A2s at 24 Vin 0.57 A2s at 36 Vin 1.05 A2s at 48 Vin
30m
not required
yes, 1500 VDC (according to EN 50155 & EN 62368-1)
Class S2: Sustains power interruptions up to 10 ms, there are no batteries included
Class C1: 0.6 Un during 100 ms (w/o interruption)
M12, 4 poles, A-coded male

Table 3.16.: Power Input Specifications Variant Pa

25

NB3800 User Manual for NRSW version 4.3

Variant Pb (72 VDC to 110 VDC) The power input has the following specifications:

Feature Power supply nominal voltages
Voltage range Max. power consumption Typ. Inrush-Current-Integral
Max. cable length Cable shield Galvanic isolation
Power interruption
Supply change over Connector type

Specification
72 VDC, 96 VDC and 110 VDC (according to EN 50155)
72 VDC to 110 VDC (-30% / +30%)
20 W 0.13 A2s at 72 Vin 0.27 A2s at 96 Vin 0.35 A2s at 110 Vin
30m
not required
yes, 1500 VDC (according to EN 50155 & EN 62368-1)
Class S2: Sustains interruptions up to 10 ms, there are no batteries included
Class C1: 0.6 Un during 100 ms (w/o interruption)
M12, 4 poles, A-coded male

Table 3.17.: Power Input Specifications Variant Pb

Pin Assignment M12, 4 poles, A-coded male

Pin Signal

1 V+ (24-48 VDC or 72-110 VDC)

2 Not connected

3

VGND

4 Not connected

Pinning

Table 3.18.: Pin Assignments of Power Connector

26

NB3800 User Manual for NRSW version 4.3

3.4.10. Extension Connector
Available Options The NB3800 has an M12 A-coded female extension connector with 8 pins. The 8 pins are split into two logical ports: Pins 1 to 4 represent Extension Port 1 (EP1) and pin 5 to 8 represent Extension Port 2 (EP2). On both EP1 and EP2 the following interfaces may be present:
­ Audio (Option A) ­ CAN (Option C) ­ IBIS (Option I) ­ Non-isolated RS-232 (Default configuration on EP1) ­ Isolated RS-232 (Option Sb) ­ Isolated RS-485 (Option Sa)
Attention: If two different interfaces are used for EP1 and EP2, the smaller isolation of the two is mandatory. The connector itself has an isolation between the pins of 800VDC.

Pin Signal 1 EP1 – Pin 1 2 EP1 – Pin 2 3 EP1 – Pin 3 4 EP1 – Pin 4 5 EP2 – Pin 1 6 EP2 – Pin 2 7 EP2 – Pin 3 8 EP2 – Pin 4

Pinning

Table 3.19.: Pin Assignments of Digital Inputs and Outputs

27

NB3800 User Manual for NRSW version 4.3

Audio Port Specification (Option A) The Audio port has the following specification:

Feature Protocol Input reference level 0dBFS Input Impedance Input bandwidth Input galvanic isolation to enclosure Output voltage @ 0dBFS Output bandwidth Output galvanic isolation to enclosure Max. cable length Cable shield

Specification Audio Line In/Out Signal level 1.9 Vpp 21 k 100 Hz- 15 kHz functional (max. 100 VDC) 600 , signal level 3.7 Vpp 300 Hz- 4 kHz functional (max. 100 VDC) 30 m mandatory

Table 3.20.: Audio Port Specification

EP Pins 1/5 2/6 3/7 4/8

Signal Input Channel + Input Channel – Output Channel – Output Channel +

Table 3.21.: Pin Assignments of Audio Port Signals (EP1 / EP2)

Note: In the case of stereo operation the left channel is on EP1.

28

NB3800 User Manual for NRSW version 4.3

CAN Port Specification (Option C) The CAN port has the following specification:

Feature Protocol Speed
Galvanic isolation to enclosure Internal bus termination External bus termination2 Max. cable length Cable shield Cable type Max. number of nodes Reactionless

Specification CAN V2.0B Up to 1 Mbit/s Default: 125 kbit/s 1500 VDC none 120 100 m mandatory twisted pair 110 Option Cm: CAN-Passive (monotioring only) Option Cn: CAN-Active (rx and tx enabled)

Table 3.22.: CAN Port Specification

EP Pins 1/5 2/6 3/7 4/8

Signal CAN GND L H –

Table 3.23.: Pin Assignments of CAN Port Signals (EP1 / EP2)

2Note: On each end of the CAN bus is a 120 termination mandatory
29

NB3800 User Manual for NRSW version 4.3

IBIS Port Specification (Option I) The IBIS port has the following specification:

Feature Protocol
Device type
Speed Galvanic isolation to enclosure Max. cable length Cable shield

Specification ‘IBIS Wagenbus’, according to VDV300 and VDV301 ‘IBIS Peripheriegerät’, according to VDV300 and VDV301 1200 Baud 1500 VDC 100 m not required

Table 3.24.: IBIS Port Specification

EP Pins 1/5 2/6 3/7 4/8

Signal WBSD (Signal Call/Aufrufbus) WBMS (GND Call/Aufrufbus) WBED (Signal Reply/Antwortbus) WBME (GND Reply/Antwortbus)

Table 3.25.: Pin Assignments of IBIS Port Signals (EP1 / EP2)

30

NB3800 User Manual for NRSW version 4.3

Non-isolated 3-wire RS-232 Port Specification Option S The non-isolated 3-wire RS-232 port has the following specification (bold characters show the default configuration):

Feature Protocol Baud rate
Data bits Parity Stop bits Software flow control Hardware flow control Galvanic isolation to enclosure Max. cable length Cable shield

Specification 3-wire RS-232: GND, TXD, RXD 300, 1 200, 2 400, 4 800, 9 600, 19 200, 38 400, 57 600, 115 200, 230 400, 460 800 7 bit, 8 bit none, odd, even 1, 2 none, XON/XOFF none none 10 m mandatory

Table 3.26.: Non-isolated RS-232 Port Specification

EP Pins 1/5 2/6 3/7 4/8

Signal GND TxD RxD –

Table 3.27.: Pin Assignments of RS-232 Port Signals (EP1 / EP2)

31

NB3800 User Manual for NRSW version 4.3

Isolated 5-wire RS-232 Port Specification (Option Sb) The isolated 5-wire RS-232 port has the following specification (bold characters show the default configuration):

Feature Protocol Baud rate
Data bits Parity Stop bits Software flow control Hardware flow control Galvanic isolation to enclosure Max. cable length Cable shield

Specification 5-wire RS-232: GND, TXD, RXD 600, 1 200, 2 400, 4 800, 9 600, 19 200, 38 400, 57 600, 115 200, 230 400, 460 800, 921 600 7 bit, 8 bit none, odd, even 1, 2 none, XON/XOFF none 1500 VDC 10 m mandatory

Table 3.28.: Isolated RS-232 Port Specification

EP Pins 1 2 3 4 5 6 7 8

Signal GND TxD RxD – CTS RTS –
–

Table 3.29.: Pin Assignments of RS-232 Port Signals (EP1 and EP2)

32

NB3800 User Manual for NRSW version 4.3

Isolated RS-485 Port Specification (Option Sa) The RS-485 port has the following specification (bold characters show the default configuration):

Feature Protocol Baud rate
Data bits Parity Stop bits Software flow control Hardware flow control Galvanic isolation to enclosure Internal bus termination Max. cable length Cable shield Cable type Max. number of transceivers on bus Max. number of nodes

Specification 3-wire RS-485 (GND, A, B) 600, 1 200, 2 400, 4 800, 9 600, 19 200, 38 400, 57 600, 115 200, 230 400, 460 800 7 bit, 8 bit none, odd, even 1, 2 none, XON/XOFF none 1500 VDC none 10 m mandatory Twisted Pair 256 256

Table 3.30.: RS-485 Port Specification

EP Pins 1/5 2/6 3/7 4/8

Signal GND TxD-/RxD- (A) TxD+/RxD+ (B) –

Table 3.31.: Pin Assignments of RS-485 Port Signals (EP1 / EP2)

33

NB3800 User Manual for NRSW version 4.3

Digital Inputs and Outputs (Option 2D) The isolated input and output ports have the following specification in common:

Feature Isolation to enclosure/GND Max. cable length Cable shield

Specification 1’500 VDC 30 m not required

Table 3.32.: Common Digital I/O Specification The Digital Input signal have the following specification:

Feature Number of ports Max. input voltage Max. input current Reverse polarity protection Min. voltage for Level 1 (set) Max. voltage for level 0 (not set)

Specification 2 60 VDC 2 mA Yes 7.2 VDC 5.0 VDC

Table 3.33.: Isolated Digital Input Specification

Note: A negative input voltage is not recognized.

The Digital Output signal have the following specification:

Feature Number of ports Max. continuous output current Max. switching output voltage Max. switching capacity

Specification 1xNO / 1xNC 1A 60 VDC, 42 VAC ( Vrms) 60W

Table 3.34.: Isolated Digital Output Specification

34

NB3800 User Manual for NRSW version 4.3

EP Pins 1 2 3 4 5 6 7 8

Signal DI1+ DI1DI2+ DI2DO1: Normally open DO1: Normally open DO2: Normally closed DO2: Normally closed

Table 3.35.: Pin Assignments of variant with two DIO Ports

Note: On request: 1xDin, 1xDOut

35

NB3800 User Manual for NRSW version 4.3

3.5. Data Storage (Option Dx)
The integrated mass storage works independently of any router functionalities and is dedicated for customer applications such as data collection or passenger entertainment. The storage can be accessed via the SDK. Please refer to SDK API Manual for further details, section 2.2 Media Mount. The following options are available:

Option Da Db Dc Dd De Df

Capacity 32 GB Flash 64 GB Flash 128 GB SSD 256 GB SSD 512 GB SSD 1 TB SSD

Table 3.36.: Storage Specifications

36

NB3800 User Manual for NRSW version 4.3
4. Installation
The NB3800 is designed for mounting it on a worktop or wall. Please consider the safety instructions in chapter 2 and the environmental conditions in chapter 3.3.
The following precautions must be taken before installing a NB3800 router: ­ Avoid direct solar radiation ­ Protect the device from humidity, steam and aggressive fluids ­ Guarantee sufficient circulation of air around the device ­ The device is for indoor use only
Attention: NetModule routers are not intended for the end consumer market. The device must be installed and commissioned by a certified expert.
4.1. Installation of the Mini-SIM Cards
Up to four Mini-SIM cards can be inserted in a NB3800 router. SIM cards can be inserted by sliding it into one of the designated slots on the front panel. You have to push the SIM card using a small paper clip (or similar) until it snaps into place. To remove the SIM, you will need to push it again in the same manner. The SIM card will then rebounds and can be pulled out. SIMs can be assigned flexibly to any modem in the system. It is also possible to switch a SIM to a different modem during operation, for instance if you want to use another provider upon a certain condition. However, a SIM switch usually takes about 10-20 seconds which can be bypassed (e.g. at bootup) if SIMs are installed reasonably. Using only a single SIM with one modem, it should be preferably placed into the SIM 1 holder. For systems which should operate two modems with multiple SIMs in parallel, we recommend to assign MOB 1 to SIM 1 and MOB 2 to SIM 2 and so on. Further information about SIM configuration can be found in chapter 5.3.3.
Attention: After a SIM Switch the SIM Cover of the NB3800 router has to be mounted again and screwed to get IP40 protection class.
4.2. Installation of the GSM/UMTS/LTE Antenna
NetModule routers will only operate efficiently in the cellular network if there is a good signal. A stub antenna will be suitable for most applications. However, in some circumstances it might be necessary to use remote antennas together with an extended cable to reach a better location offering an adequate signal. In doubt, please contact us and we would be pleased to assist you in figuring out the best matching antenna setup for your application. Keep in mind that effects caused by Faraday cages such as large metal surfaces (elevators, machine housings, etc.), close meshed iron constructions and others may reduce signal reception significantly.
37

NB3800 User Manual for NRSW version 4.3

The mounted antennas or antenna cables should be fixed with a wrench. The following table shows how to connect the LTE/UMTS antennas. Generally, LTE antennas use both, main and auxiliary ports, but UMTS requires only main ports.

Antenna Port MOB 1 A2 MOB 1 A3 MOB 2 A4 MOB 2 A5 MOB 3 A6 MOB 3 A7 MOB 4 A8 MOB 4 A9 MOB 5 A10 MOB 5 A11

Type Main Auxiliary Main Auxiliary Main Auxiliary Main Auxiliary Main Auxiliary

Table 4.1.: LTE/UMTS antenna port types

Attention: Following points must be observed when installing the antennas: ­ A minimum clearance of at least 40 cm between people and the antennas must always
be ensured.
­ If one mobile inerface transmit simultaneously with other collocated radio transmitters the separation distance of 20 cm between the antennas must be maintained at all times.
­ Antennas which are installed outside a building or the vehicle hull must limit transient overvoltages (according to IEC 62368-1) to below a peak of 1500 V through external protection circuits.
­ Mobile communications antennas may have an amplification of maximum 2.5dBi, including the cable attenuation, in the relevant frequency range.

4.3. Installation of the WLAN Antennas

The following table shows how to connect the WLAN antennas. The number of attached antennas can be configured in the software. If only one antenna is used, it must be attached to the main port. However, for better diversity and thus better throughput and coverage, we highly recommend using two antennas.

Antenna Port WLAN 1 A10

Type Main

38

NB3800 User Manual for NRSW version 4.3

Antenna Port WLAN 1 A11 WLAN 2 A8 WLAN 2 A9

Type Auxiliary Main Auxiliary

Table 4.2.: WLAN antenna port types

Attention: Following points must be observed when installing the antennas: ­ A minimum clearance of at least 40 cm between people and the antennas must always
be ensured.
­ If one WLAN inerface transmit simultaneously with other collocated radio transmitters the separation distance of 20 cm between the antennas must be maintained at all times.
­ WLAN antennas must only be installed in buildings or within vehicle hulls.
­ WLAN antennas may have an amplification of maximum 3dBi in the relevant frequency range. WLAN antennas with a higher amplification may be used with the NetModule router “Enhanced-RF-Configuration” software license and the antenna gain and cable attenuation that have been correctly configured by certified specialized personnel.

39

NB3800 User Manual for NRSW version 4.3
4.4. Installation of the GNSS Antenna
The GNSS antenna must be mounted to the connector GNSS. Whether the antenna is an active or passive GNSS antenna has to be configured in the software. We recommend active GNSS antennas for highly accurate GNSS tracking.
Attention: Following points must be observed when installing the antenna: ­ A minimum clearance of at least 40 cm between people and the antenna must always
be ensured. ­ Antennas which are installed outside a building or the vehicle hull must limit transient
overvoltages (according to IEC 62368-1) to below a peak of 1500 V through external protection circuits.
4.5. Installation of the Local Area Network
Up to three 10/100 Mbps and two 10/100/1000 Mbps Ethernet devices can be directly connected to the router, further devices can be attached via an additional Ethernet switch. Please ensure that the connector has been plugged in properly to ETH and remains in a fixed state, you might otherwise experience sporadical link loss during operation. The Link/Act LED will lit up as soon as the device has synced. If not, it might be necessary to configure a different link setting as described in chapter 5.3.2. By default, the router is configured as a DHCP server and has the IP address 192.168.1.1.
Attention: Only a shielded Ethernet cable may be used.
4.6. Installation of the Power Supply
The router can be powered with an external source supplying between 24 VDC and 48 VDC or 72 VDC and 110 VDC respectively. It is to be used with a certified (CE or equivalent) power supply, which must have a limited and SELV circuit output. The router is now ready for getting engaged.
Attention: Only CE-compliant power supplies with a current-limited SELV output voltage range (for NetModule routers with “Pb” option with a correspondingly higher output voltage range and in accordance with appropriate comparable safety precautions) may be used with the NetModule routers
40

NB3800 User Manual for NRSW version 4.3
4.7. Installation of the Audio Interface
The audio interface (line out) is available on the PTT (Option Ap) and the Audio (Option A) extension. Attention: Risk of hearing damage: Avoid the use of earphones or Headphones at high volumes or over one longer period.
41

NB3800 User Manual for NRSW version 4.3
5. Configuration
The following chapters give information about setting up the router and configuring its features as provided with system software 4.3.
NetModule provides regularly updated router software with new functions, bug fixes and closed vulnerabilities. Please keep your router software up to date. ftp://share.netmodule.com/router/public/system-software/
5.1. First Steps
NetModule routers can be easily set up by using the HTTP-based configuration interface, called the Web Manager. It is supported by the latest web browsers (e.g. Microsoft Internet Explorer 11, Mozilla Firefox 28.0, Safari 7 and many others). Please ensure to have JavaScript turned on. Any submitted configuration via the Web Manager will be applied immediately to the system when pressing the Apply button. When configuring subsystems which require multiple steps (for instance WLAN) you can use the Continue button to store any settings temporarily and apply them at a later time. Please note, that those settings will be neglected at logout unless applied. You may also upload configuration files via SNMP, SSH, HTTP or USB in case you intend to deploy a larger numbers of routers. Advanced users may also use the Command Line Interface (CLI) and set configuration parameters directly. The IP address of Ethernet1 is 192.168.1.1 and the Dynamic Host Configuration Protocol (DHCP) is activated on the interface by default. The following steps need to be taken to establish your first Web Manager session:
1. Connect the Ethernet port of your computer to the ETH1 (FastEthernet) port of the router using a shielded CAT5 cable with M12 connector.
2. If not yet activated, enable DHCP on your computer’s Ethernet interface so that an IP address can be obtained automatically from the router. This usually takes a short amount of time until your PC has received the corresponding parameters (IP address, subnet mask, default gateway, name server). You may track the progress by having a look to your network control panel and check whether your PC has correctly retrieved an IP address of the range 192.168.1.100 to 192.168.1.199.
3. Launch your favorite web browser and point it to the IP address of the router (the URL is http://192.168.1.1).
4. Please follow the instructions of the Web Manager for configuring the router. Most of the menus are self-explanatory, further details are given in the following chapters.
5.1.1. Initial Access
In factory state you will be prompted for a new administrator password. Please choose a password which is both, easy to remember but also robust against dictionary attacks (such as one that contains numbers, letters and punctuation characters). The password shall have a minimum length of 6 characters. It shall contain a minimum of 2 numbers and 2 letters.
42

NB3800 User Manual for NRSW version 4.3

Admin Password Setup
Please set a password for the admin account. It shall have a minimum length of 6 characters and contain at least 2 numbers and 2 letters.

Username: Enter new password: Confirm new password:
I agree to the terms and conditions

admin

Configure automatic mobile data connection

Apply

NetModule Router Simulator Hostname netbox Software Version 4.4.0.103 © 2004-2020, NetModule AG

NetModule Insights
Subscribe to our mailing and get the latest news about software releases and much more

Figure 5.1.: Initial Login
Please note that the admin password will be also applied for the root user which can be used to access the device via the serial console, telnet, SSH or to enter the bootloader. You may also configure additional users which will only be granted to access the summary page or retrieve status information but not to set any configuration parameters. A set of services (USB Autorun, CLI- PHP) are by default activated in factory state and will be disabled as soon as the admin password has been set. They can be enabled again afterwards in the relevant sections. Other services (SSH, Telnet, Console) can be accessed in factory state by providing an empty or no password.
5.1.2. Recovery
Following actions might be taken in case the router has been misconfigured and cannot be reached anymore:
1. Factory Reset: You can initiate a reset back to factory settings via the Web Manager, by running the command factory-reset or by pressing the reset button. The latter would require a slim

43

NB3800 User Manual for NRSW version 4.3

needle or paper clip which must be inserted into the hole

to the left of the SIM 1 slot .

The button must be hold pressed for up to 5 seconds until all LEDs flash up.

2. Serial Console Login: It is also possible to log into the system via the serial port. This would require a terminal emulator (such as PuTTY or HyperTerminal) and an RS232 connection (115200 8N1) attached to the serial port of your local computer. You will also see the kernel messages at bootup there.

3. Recovery Image: In severe cases we can provide a recovery image on demand which can be loaded into RAM via TFTP and executed. It offers a minimal system image for running a software update or doing other modifications. You will be provided with two files, recovery-image and recovery-dtb, which must be placed in the root directory of a TFTP server (connected via LAN1 and address 192.168.1.254). The recovery image can be launched from the boot-loader using a

serial connection. You will have to stop the boot process by pressing s and enter the bootloader. You can then issue run recovery to load the image and start the system which can be accessed via HTTP/SSH/Telnet and its IP address 192.168.1.1 afterwards. This procedure can be also initiated by holding the factory reset button longer than 15 seconds.

44

NB3800 User Manual for NRSW version 4.3

5.2. HOME
This page provides a status overview of enabled features and connections.

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

Status Summary WAN WWAN WLAN GNSS Ethernet LAN Bridges DHCP OpenVPN IPsec PPTP MobileIP Firewall System

Summary Description LAN2 WWAN1 WLAN1 IPsec1 PPTP1 MobileIP

Administrative Status enabled enabled enabled, access-point enabled enabled, server enabled

Operational Status dialing down up down up down

LOGOUT

NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG
Figure 5.2.: Home
Summary This page offers a short summary about the administrative and operational status of the router’s interfaces. WAN This page offers details about any enabled Wide Area Network (WAN) links (such as the IP addresses, network information, signal strength, etc.) The information about the amount of downloaded/uploaded data is stored in non-volatile memory, thus survive a reboot of the system. The counters can be reset by pressing the Reset button. WWAN This page shows information about modems and their network status. WLAN The WLAN page offers details about the enabled WLAN interfaces when operating in access-point mode. This includes the SSID, IP and MAC address and the currently used frequency and transmit
45

NB3800 User Manual for NRSW version 4.3
power of the interface as well as the list of associated stations. GNSS This page displays the position status values, such as latitude/longitude, the satellites in view and more details about the used satellites. Ethernet This page shows information about the Ethernet interfaces and packet statistics information. LAN This page shows information about the LAN interfaces plus the neighborhood information. Bridges This page shows information about configured virtual bridge devices. DHCP This page offers details about any activated DHCP service, including a list of issued DHCP leases. OpenVPN This page provides information about the OpenVPN tunnel status. IPSec This page provides information about the IPsec tunnel status. PPTP This page provides information about the PPTP tunnel status. GRE This page provides information about the GRE tunnel status. L2TP This page provides information about the L2TP tunnel status. MobileIP This page provides information about Mobile IP connections. Firewall This page offers information about any firewall rules and their matching statistics. It can be used to debug the firewall. QoS This page provides information about the used QoS queues. BGP This page provides information about the Border Gateway Protocol. OSPF This page provides information about the Open Shortest Path First routing protocol.
46

NB3800 User Manual for NRSW version 4.3 DynDNS This page provides information about Dynamic DNS. System Status The system status page displays various details of your NB3800 router, including system details, information about mounted modules and software release information. SDK This section will list all webpages generated by SDK scripts.
47

NB3800 User Manual for NRSW version 4.3

5.3. INTERFACES
5.3.1. WAN
Link Management Depending on your hardware model, WAN links can be made up of either Wireless Wide Area Network (WWAN), Wireless LAN (WLAN), Ethernet or PPP over Ethernet (PPPoE) connections. Please note that each WAN link has to be configured and enabled in order to appear on this page.

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

LOGOUT

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

WAN Link Management
In case a WAN link goes down, the system will automatically switch over to the next link in order of priority. A link can be either established when the switch occurs or permanently to minimize link downtime. Outgoing traffic can also be distributed over multiple links on a per IP session basis.

Priority Interface 1st LAN2 2nd WWAN1

Operation Mode permanent permanent

Apply

Figure 5.3.: WAN Links

48

NB3800 User Manual for NRSW version 4.3

In general, a link will be only dialed or declared as up if the following prerequisites are met:

Condition Modem is registered Registered with valid service type Valid SIM state Sufficient signal strength Client is associated Client is authenticated Valid DHCP address retrieved Link is up and holds address Ping check succeeded

WWAN X X X X
X X X

WLAN
X X X X X X

ETH
X X X

PPPoE
X X X

The menu can be used further to prioritize your WAN links. The highest priority link which has been established successfully will become the so- called hotlink which holds the default route for outgoing packets.
In case a link goes down, the system will automatically switch over to the next link in the priority list. You can configure each link to be either established when the switch occurs or permanently in order to minimize link downtime.

Parameter 1st priority 2nd priority
3rd priority
4th priority

WAN Link Priorities
The primary link which will be used whenever possible.
The first fallback link, it can be enabled permanently or being dialed as soon as Link 1 goes down.
The second fallback link, it can be enabled permanently or being dialed as soon as Link 2 goes down.
The third fallback link, it can be enabled permanently or being dialed as soon as Link 3 goes down.

Links are being triggered periodically and put to sleep in case it was not possible to establish them within a certain amount of time. Hence it might happen that permanent links will be dialed in background and replace links with lower priority again as soon as they got established. In case of interfering links sharing the same resources (for instance in dual-SIM operation) you may define a switch-back interval after which an active hotlink is forced to go down in order to let the higher-prio link getting dialed again.
We recommend to use the permanent operation mode for WAN links in general. However, in case of time-limited mobile tariffs for instance, the switchover mode might be applicable. By using the distributed mode, it is possible to distribute outgoing traffic over multiple WAN links based on their weight ratio.

49

NB3800 User Manual for NRSW version 4.3

Attention: You can have concurrent WWAN links which share a common recource like one WWAN module using SIM cards of different providers. In that case it would not be possible to find out if the link with the higher priority is available without putting down the low priority link. Therefor such a link will behave like a switchover even if configured as permanent.

For mobile links, it is further possible to pass through the WAN address towards a local host (also called Drop-In or IP Pass-through). In particular, the first DHCP client will receive the public IP address. More or less, the system acts like a modem in such case which can be helpful in case of firewall issues. Once established, the Web Manager can be reached over port 8080 using the WAN address but still over the LAN1 interface using port 80.

Parameter disabled permanent on switchover
distributed

WAN Link Operation Modes Link is disabled Link is being established permanently Link is being established on switchover, it will be dialled if previous links failed Link is member of a load distribution group

Parameter Operation mode Weight Switch-back
Bridging interface1

WAN Link Settings The operation mode of the link
The weight ratio of a distributed link
Specifies the switch-back condition of a switchover link and the time after an active hotlink will be teared down
If WLAN client, the LAN interface to which the WAN link should be bridged.

NetModule routers provide a feature called IP pass-through (aka Drop-In mode). If enabled, the WAN address will be be passed-through to the first DHCP client of the specified LAN interface. As Ethernetbased communication requires additional addresses, we pick an appropriate subnet to talk to the LAN host. In case this overlaps with other addresses of your WAN network, you may optionally specify the network given by your provider to avoid any address conflicts.

Parameter IP Pass-through Interface WAN network WAN netmask

IP Pass-Through Settings Enables or disables IP pass-through Specifies the interface on which the address shall be passed-through Specifies the WAN network Specifies the WAN netmask

1This options requires an Access Point with four address frame format support.

50

NB3800 User Manual for NRSW version 4.3

WAN Settings
This page can be used to configure WAN specific settings like the Maximum Segment Size (MSS). The MSS corresponds to the largest amount of data (in bytes) that the router can handle in a single, unfragmented TCP segment. In order to avoid any negative side effects the number of bytes in the data segment and the headers must not add up to more than the number of bytes in the Maximum Transmission Unit (MTU). The MTU can be configured per each interface and corresponds to the largest packet size that can be transmitted.

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

LOGOUT

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

TCP Maximum Segment Size

The maximum segment size defines the largest amount of data of TCP packets (usually MTU minus 40). You may decrease the value in case of fragmentation issues or link-based limits.

MSS adjustment: Maximum segment size:

enabled disabled
1380

Apply

Figure 5.4.: WAN Settings

Parameter MSS adjustment Maximum segment size

TCP MSS Settings Enable or disable MSS adjustment on WAN interfaces. Maximum number of bytes in a TCP data segment.

51

NB3800 User Manual for NRSW version 4.3

Supervision
Network outage detection on a per-link basis can be performed by sending pings on each link to some authoritative hosts. A link will be declared as down in case all trials have failed and only as up if at least one host can be reached.

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

LOGOUT

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

Link Supervision

Network outage detection can be performed by sending pings on each WAN link to authoritative hosts. The link will be declared as down in case all trials failed. You may further specify an emergency action if a certain downtime is reached.

Link

Hosts

Emergency Action

ANY

8.8.8.8, 8.8.4.4

none

Parameter Link Mode
Primary host Secondary host Ping timeout

Figure 5.5.: Link Supervision
Supervision Settings The WAN link to be monitored (can be ANY) Specifies whether the link shall only be monitored if being up (e.g. for using a VPN tunnel) or if connectivity shall be also validated at connection establishment (default) The primary host to be monitored The secondary host to be monitored (optional) The amount of time in milliseconds a response for a single ping can take, consider to increase this value in case of slow and tardy links (such as 2G connections)

52

NB3800 User Manual for NRSW version 4.3

Parameter Ping interval Retry interval Max. number of failed trials Emergency action

Supervision Settings
The interval in seconds at which pings are transmitted on each interface
The interval in seconds at which pings are re-transmitted in case a first ping failed
The maximum number of failed ping trials until the link will be declared as down
The emergency action which should be taken after a maximum downtime has been reached. Using reboot would perform a reboot of the system, restart link services will restart all link-related applications including a reset of the modem.

53

NB3800 User Manual for NRSW version 4.3

5.3.2. Ethernet
NB3800 routers ship with an Ethernet switch (ETH1-ETH5) including 2 Gigabit Ethernet ports (ETH4/ETH5) which can be linked via M12 connectors. ETH1 usually forms the LAN1 interface which should be used for LAN purposes. Other interfaces can be used to connect other LAN segments or for configuring a WAN link. The LAN10 interface will be available as soon as a pre-configured USB Ethernet device has been plugged in.
Ethernet Port Assignment

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

Port Assignment

Link Settings

Ethernet 1 Administrative status: Network interface:
Ethernet 2 Administrative status: Network interface:

enabled disabled LAN1
enabled disabled LAN2

Apply

LOGOUT

Figure 5.6.: Ethernet Ports
This menu can be used to individually assign each Ethernet port to a LAN interface, just in case you want to have different subnets per port or use one port as WAN interface. You may assign multiple ports to the same interface.

54

NB3800 User Manual for NRSW version 4.3

Ethernet Link Settings

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

Port Assignment

Link Settings

Link speed for Ethernet 1: Link speed for Ethernet 2:
Apply

auto-negotiated auto-negotiated

LOGOUT

Figure 5.7.: Ethernet Link Settings
Link negotiation can be set for each Ethernet port individually. Most devices support auto-negotiation which will configure the link speed automatically to comply with other devices in the network. In case of negotiation problems, you may assign the modes manually but it has to be ensured that all devices in the network utilize the same settings then.
VLAN Management NetModule routers support Virtual LAN according to IEEE 802.1Q which can be used to create virtual interfaces on top of an Ethernet interface. The VLAN protocol inserts an additional header to Ethernet frames carrying a VLAN Identifier (VLAN ID) which is used for distributing the packets to the associated virtual interface. Any untagged packets, as well as packets with an unassigned ID, will be distributed to the native interface.

55

NB3800 User Manual for NRSW version 4.3

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

VLAN Management

VLAN ID
Interface

LAN1-1

1

Network Interface Priority

LAN1

default

LAN1-2

5

LAN1

background

Mode routed routed

LOGOUT

Figure 5.8.: VLAN Management

In order to form a distinctive subnet, the network interface of a remote LAN host must be configured with the same VLAN ID as defined on the router. Further, 802.1P introduces a priority field which influences packet scheduling in the TCP/IP stack.
The following priority levels (from lowest to highest) exist:

Parameter 0 1 2 3 4 5 6 7

VLAN Priority Levels Background Best Effort Excellent Effort Critical Applications Video (< 100 ms latency and jitter) Voice (< 10 ms latency and jitter) Internetwork Control Network Control

56

NB3800 User Manual for NRSW version 4.3

IP Settings
This page can be used to configure IP addressing for your LAN/WAN Ethernet interfaces. In addition to the primary IP address/subnet mask you may define an additional IP address alias on the interface.
Please keep in mind that the DNS servers can be set globally in the DNS server configuration menu. But as soon as a link comes up it will use the interface- specific name-servers (e.g. the ones being retrieved over DHCP) and update the resolver configuration accordingly.

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

IP Address Management

Network Interface

Mode IP Address Mode

LAN1

LAN Static IP

IP Address Netmask 192.168.1.1 24

LAN1-1

LAN Static IP

192.168.101.1 24

LAN1-2

LAN Static IP

192.168.102.1 24

LAN2

WAN DHCP mode

n/a

-1

LOGOUT

Figure 5.9.: LAN IP Configuration

Parameter Mode

LAN IP Settings Defines whether this interface is being used as LAN or WAN interface

When running in LAN mode, the interface may be configured with the following settings:

Parameter IP address Subnet mask Alias IP address

LAN IP Settings The IP interface address The subnet mask for this interface The alias IP interface address

57

NB3800 User Manual for NRSW version 4.3

Parameter Alias subnet mask

LAN IP Settings The alias subnet mask for this interface

When running in WAN mode, the interface may be configured with the following settings:

Parameter WAN mode
MTU

WAN IP Settings
The WAN operation mode, defines whether the interface should run as DHCP client, statically configured or over PPPoE.
The Maximum Transmission Unit for the interface, if provided it will specify the largest size of a packet transmitted on the interface.

When running as DHCP client, no further configuration is required because all IP-related settings (address, subnet, gateway, DNS server) will be retrieved from a DHCP server in the network. You may also define static values but caution has to be taken to assign an unique IP address as it would otherwise raise IP conflicts in the network.

PPPoE is commonly used when communicating with another WAN access device (like a DSL modem). The following settings can be applied:

Parameter User name Password Service name
Access concentrator name

PPPoE Configuration
PPPoE user name for authenticating at the access device
PPPoE password for authenticating at the access device
Specifies the service name set of the access concentrator and can be left blank unless you have multiple services on the same physical network and need to specify the one you want to connect to.
The name of the concentrator (the PPPoE client will connect to any access concentrator if left blank)

58

NB3800 User Manual for NRSW version 4.3

5.3.3. Mobile
Modems Configuration This page lists all available WWAN modems. They can be disabled on demand.
Query This page allows you to send Hayes AT commands to the modem. Besides the 3GPP-conforming AT command-set further modem-specific commands can be applicable which we can provide on demand. Some modems also support running Unstructured Supplementary Service Data (USSD) requests, e.g. for querying the available balance of a prepaid account. SIMs

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

LOGOUT

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

Mobile SIMs
This menu can be used to assign a default modem to each SIM which will also be used by SMS and GSM voice services. A SIM card can get switched in case of multiple WWAN interfaces sharing the same modem.

SIM Default SIM1 Mobile1

Current Mobile1

SIM State missing

SIM Lock unknown

Registered no

Update

Figure 5.10.: SIMs
The SIM page gives an overview about the available SIM cards, their assigned modems and the current state. Once a SIM card has been inserted, assigned to a modem and successfully unlocked, the card should remain in state ready and the network registration status should have turned to registered. If

59

NB3800 User Manual for NRSW version 4.3 not, please double-check your PIN. Please keep in mind that registering to a network usually takes some time and depends on signal strength and possible radio interferences. You may hit the Update button at any time in order to restart PIN unlocking and trigger another network registration attempt. Under some circumstances (e.g. in case the modem flaps between base stations) it might be necessary to set a specific service type or assign a fixed operator. The list of operators around can be obtained by initiating a network scan (may take up to 60 seconds). Further details can be retrieved by querying the modem directly, a set of suitable commands can be provided on request.
60

NB3800 User Manual for NRSW version 4.3

Configuration
A SIM card is generally assigned to a default modem but might be switched, for instance if you set up two WWAN interfaces with one modem but different SIM cards. Close attention has to be paid when other services (such as SMS or Voice) are operating on that modem, as a SIM switch will naturally affect their operation. The following settings can be applied:

Parameter PIN code PUK code Default modem Preferred service
Registration mode Network selection

WWAN SIM Configuration
The PIN code for unlocking the SIM card
The PUK code for unlocking the SIM card (optional)
The default modem assigned to this SIM card
The preferred service to be used with this SIM card. Remember that the link manager might change this in case of different settings. The default is to use automatic, in areas with interfering base stations you can force a specific type (e.g. 3G-only) in order to prevent any flapping between the stations around.
The desired registration mode
Defines which network shall be selected. This can be bound to a specific LAI which can be retrieved by running a network scan.

61

NB3800 User Manual for NRSW version 4.3

WWAN Interfaces
This page can be used to manage your WWAN interfaces. The resulting link will pop up automatically as WAN link once an interface has been added. Please refer to chapter 5.3.1 for how to manage them.
The Mobile LED will be blinking during the connection establishment process and goes on as soon as the connection is up. Refer to section 5.8.7 or consult the system log files for troubleshooting the problem in case the connection did not come up.

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

Mobile Interfaces Interface Modem SIM PDP WWAN1 Mobile1 SIM1 PDP1

Number Service APN / User *99***1# automatic internet.telekom / tm

LOGOUT

Figure 5.11.: WWAN Interfaces

The following mobile settings are required:

Parameter Modem SIM Service type

WWAN Mobile Parameters The modem to be used for this WWAN interface The SIM card to be used for this WWAN interface The required service type

Please note that these settings supersede the general SIM based settings as soon as the link is being dialed.

62

NB3800 User Manual for NRSW version 4.3

Generally, the connection settings are derived automatically as soon as the modem has registered and the network provider has been found in our database. Otherwise, it will be required to configure the following settings manually:

Parameter Phone number
Access point name Authentication Username Password

WWAN Connection Parameters
The phone number to be dialed, for 3G+ connections this commonly refers to be *99***1#. For circuit-switched 2G connections you can enter the fixed phone number to be dialed in international format (e.g. +41xx).
The access point name (APN) being used
The authentication scheme being used, if required this can be PAP or/and CHAP
The user-name used for authentication
The password used for authentication

Furtheron, you may configure the following advanced settings:

Parameter Required signal strength Home network only Negotiate DNS Call to ISDN Header compression
Data compression Client address MTU

WAN Advanced Parameters
Sets a minimum required signal strength before the connection is dialed
Determines whether the connection should only be dialed when registered to a home network
Specifies whether the DNS negotiation should be performed and the retrieved name-servers should be applied to the system
Has to be enabled in case of 2G connections talking to an ISDN modem
Enables or disables 3GPP header compression which may improve TCP/IP performance over slow serial links. Has to be supported by your provider.
Enables or disables 3GPP data compression which shrinks the size of packets to improve throughput. Has to be supported by your provider.
Specifies a fixed client IP address if assigned by the provider
The Maximum Transmission Unit for this interface

63

NB3800 User Manual for NRSW version 4.3

5.3.4. WLAN
WLAN Management In case your router is shipping with a WLAN (or Wi-Fi) module you can operate it either as client, access point, mesh point or certain dual modes. As a client it can create an additional WAN link which for instance can be used as backup link. As access point, it can form another LAN interface which can be either bridged to an Ethernet-based LAN interface or create a self-contained IP interface which can be used for routing and to provide services (such as DHCP/DNS/NTP) in the same way like an Ethernet LAN interface does. As mesh point, it can create a wireless mesh network to provide a backhaul connectivity with dynamic path selection. As dual mode, it is possible to run access point and client or mesh point and access point functionality on the same radio module.

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

WLAN Management Administrative status:

Operational mode:

Regulatory domain: Operation type: Radio band: Bandwidth: Channel: Number of antennas: Antenna gain:

Apply

Continue

enabled disabled client access point mesh point dual modes European Union 802.11b 2.4 GHz 20 MHz
Auto
2 0 dB

Channel utilisation

LOGOUT

Figure 5.12.: WLAN Management
If the administrative status is set to disabled, the module will be powered off in order to reduce the overall power consumption. Regarding antennas, we generally recommend using two antennas for better coverage and throughput. A second antenna is definitely mandatory if you want to achieve higher throughput rates as in 802.11n. A WLAN client and a mesh point will automatically became a WAN link and can be managed as described in chapter 5.3.1.

64

NB3800 User Manual for NRSW version 4.3

Configurable parameters for access-point, client mode, mesh point and any dual mode:

Parameter Regulatory Domain Number of antennas Antenna gain
Disable low data rates

WLAN Management Select the country the Router operates in Set the number of connected antennas Specify the antenna gain for the connected antennas. Please refer to the antennas datasheet for the correct gain value. Avoid sticky clients by disabling low data rates.

Warning Please be aware that any inappropriate parameters can lead to an infringement of conformity regulations.

Running as access point or dual mode, you can further configure the following settings:

Parameter Operation type Radio band
Bandwidth Channel

WLAN Management Specifies the desired IEEE 802.11 operation mode Selects the radio band to be used for connections, depending on your module it could be 2.4 or 5 GHz Specify the channel bandwidth operation mode Specifies the channel to be used

Running as client, you can further configure the following settings:

Parameter Scan channels
2.4 GHz 5 GHz

WLAN Management Select if all supported channels should be scanned or just user defined channels Set the channels which should be scanned in 2.4 GHz Set the channels which should be scanned in 5 GHz

Available operation modes are:

Standard 802.11a 802.11b 802.11g

Frequencies 5 GHz 2.4 GHz 2.4 GHz

Bandwidth 20 MHz 20 MHz 20 MHz

Data Rate 54 Mbit/s 11 Mbit/s 54 Mbit/s

65

NB3800 User Manual for NRSW version 4.3

Standard 802.11n 802.11ac

Frequencies 2.4/5 GHz 5 GHz

Bandwidth 20/40 MHz 20/40/80 MHz

Table 5.20.: IEEE 802.11 Network Standards

Data Rate 300 Mbit/s 866.7 Mbit/s

66

NB3800 User Manual for NRSW version 4.3

Running as mesh point, you can further configure the following settings:

Parameter Operation type Radio band
Channel

WLAN Mesh-Point Management Specifies the desired IEEE 802.11 operation mode Selects the radio band to be used for connections, depending on your module it could be 2.4 or 5 GHz Specifies the channel to be used

Note: NetModule Routers with 802.11n and 802.11ac support 2×2 MIMO

67

NB3800 User Manual for NRSW version 4.3

Prior to setting up an access point, it is always a good idea to run a network scan for getting a list of neighboring WLAN networks and then choose the less interfering channel. Please note that two adequate channels are required for getting good throughputs with 802.11n and a bandwidth of 40 MHz.
WLAN Configuration Running in client mode, it is possible to connect to one ore more remote access-points. The system will switch to the next network in the list in case one goes down and return to the highest-prioritized network as soon as it comes back. You can perform a WLAN network scan and pick the settings from the discovered information directly. The authentication credentials have to be obtained by the operator of the remote access point.

Parameter SSID Security mode WPA/WPA2 mixed mode
WPA cipher
Identity Passphrase
Force PMF Enable fast transition
Required signal strength

WLAN Client Configuration The network name (called SSID)
The desired security mode
WPA2 should be preferred over WPA1, running WPA/WPA2 mixedmode offers both.
The WPA cipher to be used, the default is to run both (TKIP and CCMP)
The identity used for WPA-RADIUS and WPA-EAP-TLS
The passphrase used for authentication with WPA-PSK, otherwise the key passphrase for WPA-EAP-TLS
Enables Protected Management Frames
If client, enable fast roaming capabilites via FT. FT is only performed if the AP supports this feature, too
Required signal strength to esablish the connection

The client is performing background scans for the purpose of roaming within an ESS. The background scans are based on the current signal strenght.

Parameter Threshold
Long interval
Short interval

WLAN Client Background Scan Parameters
The signal strength threshold in dBm when the long or short time interval should occur
The time in seconds when a background scan should be performed if the threshold is above the given threshold value
The time in seconds when a background scan should be performed if the threshold is below the given threshold value

68

NB3800 User Manual for NRSW version 4.3

Running in access-point mode you can create up to 4 SSIDs with each running their own network configuration. The networks can be individually bridged to a LAN interface or operate as dedicated interface in routing-mode.

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

LOGOUT

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

WLAN Access-Point Configuration

Interface

SSID

WLAN1

NB1600-Private

Security Mode WPA / Cipher

WPA-PSK

WPA + WPA2 / TKIP + CCMP

Figure 5.13.: WLAN Configuration

69

NB3800 User Manual for NRSW version 4.3

This section can be used to configure security-related settings.

Parameter SSID Security mode WPA/WPA2 mixed mode
WPA cipher
Identity Passphrase
Force PMF Hide SSID Isolate clients Band steering master Accounting

WLAN Access-Point Configuration The network name (called SSID) The desired security mode WPA2 should be preferred over WPA1, running WPA/WPA2 mixedmode offers both. The WPA cipher to be used, the default is to run both (TKIP and CCMP) The identity used for WPA-RADIUS and WPA-EAP-TLS The passphrase used for authentication with WPA-PSK, otherwise the key passphrase for WPA-EAP-TLS Enables Protected Management Frames Hides the SSID Disables client-to-client communication The WLAN interface which the client should be steered to Sets accounting profile

The following security modes can be configured:

Parameter Off None WEP WPA-PSK
WPA-RADIUS
WPA-TLS

WLAN Security Modes SSID is disabled
No authentication, provides an open network
WEP (is nowadays discouraged)
WPA-PSK (TKIP, CCMP) aka WPA-Personal/Enterprise, provides password-based authentication
EAP-PEAP/MSCHAPv2, can be used to authenticate against a remote RADIUS server which can be configured in chapter 5.8.2
EAP-TLS, performs authentication using certificates which can be configured in chapter 5.8.8

70

NB3800 User Manual for NRSW version 4.3

Running in mesh point mode, it is possible to connect to one or more mesh points within the mesh network at the same time. The system will automatically join the wireless network, connect to the other mesh partners with the same ID and sercurtiy credentials. The authentication credentials have to be obtained by the operator of the mesh network.

Parameter

WLAN Mesh-Point Configuration

MESHID

The network name (called MESHID)

Security mode

The desired security mode

enable gate announcements To enable gate announcments for the mesh network

71

NB3800 User Manual for NRSW version 4.3

The following security modes can be configured:

Parameter Off None SAE

WLAN Mesh-Point Security Modes MESHID is disabled No authentication, provides an open network SAE (Simultaneous Authentication of Equals) is a secure passwordbased authentication and key establishment protocol

72

NB3800 User Manual for NRSW version 4.3

WLAN IP Settings
This section lets you configure the TCP/IP settings of your WLAN network. A client interface can be run over DHCP or with a statically configured address and default gateway.

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

WLAN1 IP Settings Network mode: IP address: Netmask:

Apply

Continue

bridged routed 192.168.200.1 255.255.255.0

LOGOUT

Figure 5.14.: WLAN IP Configuration

The access point networks can be bridged to any LAN interface for letting WLAN clients and Ethernet hosts operate in the same subnet. However, for multiple SSIDs we strongly recommend to set up separated interfaces in routing-mode in order to avoid unwanted access and traffic between the interfaces. The corresponding DHCP server for each network can be configured in afterwards as described in chapter 5.7.2.

Parameter Network mode
Bridge interface
IP address / netmask

WLAN IP Settings
Choose whether the interface shall be operated bridged or in routingmode
If bridged, the LAN interface to which the WLAN network should be bridged
In routing-mode, the IP address and netmask for this WLAN network

73

NB3800 User Manual for NRSW version 4.3

The following feature can be configured if the WLAN interface is bridged

Parameter 4addr frame IAPP Pre-auth
Fast transition

WLAN Bridging features Enables the 4-address frame format (required for bridge links)
Enables the Inter-Access Point Protocol feature
Enables the pre-authentication mechanism for roaming clients (if supported by the client)
Enables fast transistion (FT) capabilities for roaming client (if supported by the client)

74

NB3800 User Manual for NRSW version 4.3

5.3.5. Software Bridges
Software bridges can be used to bridge layer-2 devices like OpenVPN TAP, GRE or WLAN interfaces without the need for a physical LAN interface.
Bridge Settings This page can be used to enable/disable software bridges. It can be configured as follows:

Parameter Administrative status IP Address Netmask MTU

Bridge Settings
Enables or disables the bridge interface. If you need an interface to the local system you need to define an IP address for the local device.
IP address of the local interface (available only if “Enabled with local interface” was selected
Netmask of the local interface (available only if “Enabled with local interface” was selected
Optional MTU size for the local interface (available only if “Enabled with local interface” was selected

75

NB3800 User Manual for NRSW version 4.3

5.3.6. USB
NetModule routers ship with a standard USB host port which can be used to connect a storage, network or serial USB device. Please contact our support in order to get a list of supported devices.

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

Administration USB Administration

Devices

Autorun

This menu can be used to activate USB-based serial and network devices.

Administrative status:

enabled disabled

Enable hotplug:

Apply

LOGOUT

USB Administration
Parameter Administrative status Enable hotplug

Figure 5.15.: USB Administration
USB Administration Specifies whether devices shall be recognized Specifies whether device shall be recognized if plugged in during runtime or only at bootup

76

NB3800 User Manual for NRSW version 4.3

USB Devices
This page show the currently connected devices and it can be used to enable a specific device based on its Vendor and Product ID. Only enabled devices will be recognized by the system and raise additional ports and interfaces.

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

Administration

Devices

Autorun

Connected USB Devices Vendor ID Product ID Bus ID Manufacturer

Device

Enabled USB Devices Vendor ID Product ID Bus ID Module

Type

Refresh

LOGOUT
Type Attached

Figure 5.16.: USB Device Management

Parameter Vendor ID Product ID Module

USB Devices The USB Vendor ID of the device The USB Product ID of the device The USB module and type of driver to be applied for this device

Any ID must be specified in hexadecimal notation, wildcards are supported (e.g. AB[0-1][2-3] or AB*) A USB network device will be referenced as LAN10.

77

NB3800 User Manual for NRSW version 4.3
USB Autorun This feature can be used to automatically launch a shell script or perform a software/config update as soon as an USB storage stick has been plugged in. For authentication, a file called autorun.key must exist in the root directory of a FAT16/32 formatted stick. It can be downloaded from that page and holds the SHA256 hash key of the admin password. The file can hold multiple hashes which will be processed line-by-line during authentication which can be used for setting up more systems with different admin passwords. For new devices with an empty password the hash key e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 can be used. The hash keys can be generated by running the command echo -n “<admin- password>” | sha256sum on a Linux system or an Internet hash key generator (search for “sha-256 hash calculator”). Once authentication has succeeded, the system scans for other files in the root directory which can perform the following actions:
1. For running a script: autorun.sh 2. For a configuration update: cfg-.zip (e.g. cfg-00112B000815.zip), or if not avail-
able cfg.zip 3. For a software update: sw-update.img
78

NB3800 User Manual for NRSW version 4.3

5.3.7. Serial Port This page can be used to manage your serial ports. A serial port can be used by:

Parameter none login console
device server modem bridge modem emulator
SDK

Serial Port Usage
The serial port is not used
The serial port is used to open a console which can be accessed with a serial terminal client from the other side. It will provide helpful bootup and kernel messages and spawns a login shell, so that users can login to the system. If more than one serial inrterface is available, one serial interface can be configured as ‘login console’ at a time.
The serial port will be exposed over a TCP/IP port and can be used to implement a Serial/IP gateway.
Bridges the Serial Interface to the Modem TTY of an intergrated WWAN Modem.
Emulates a classical AT command driven modem on the serial interface. See http://wiki.netmodule.com/app-notes/hayes-modemat-simulator for detailed information.
The serial port will be reserved for SDK scripts.

79

NB3800 User Manual for NRSW version 4.3

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges
USB
Serial
Digital I/O
GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

Administration

Port Settings

SERIAL1 is used by:

Apply

Back

none login console device server modem emulator SDK

Figure 5.17.: Serial Port Administration

LOGOUT

80

NB3800 User Manual for NRSW version 4.3

Running a device server, the following settings can be applied:

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

WAN Link Management Supervision Settings
Ethernet Port Setup VLAN Management IP Settings
Mobile Modems SIMs Interfaces
WLAN Administration Configuration IP Settings
Bridges USB Serial Digital I/O GNSS
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

Administration

Port Settings

SERIAL1 Port Settings

Physical protocol: Baud rate: Data bits: Parity: Stop bits: Software flow control: Hardware flow control: Server Configuration Protocol on IP port: Port:
Timeout: Allow remote control (RFC 2217): Show banner:
Allow clients from:

Apply

RS232 115200 8 data bits None 1 stop bit None None

Telnet

2000

endless

numbered

600

everywhere specify

Figure 5.18.: Serial Port Settings

LOGOUT

Parameter Physical protocol Baud rate Data bits Parity
Stop bits

Serial Settings Selects the desired physical protocol on the serial port Specifies the baud rate run on the serial port Specifies the number of data bits contained in each frame Specifies the parity used for every frame that is transmitted or received Specifies the number of stop bits used to indicate the end of a frame
81

NB3800 User Manual for NRSW version 4.3

Parameter Software flow control
Hardware flow control Protocol on TCP/IP Port Timeout

Serial Settings
Defines the software flow control for the serial port, XOFF will send a stop, XON a start character to the other end to control the rate of any incoming data
You may enable RTS/CTS hardware flow control, so that the RTS and CTS lines are used to control the flow of data
You may choose the IP protocols Telnet or TCP raw for the device server
The TCP port for the device server
The timeout until a client is declared as disconnected

Parameter Protocol on IP port Port Timeout
Allow remote control Show banner Stop bits Allow clients from

Server Settings Selects the desired IP protocol (TCP or Telnet) Specifies the TCP port on which the server will be available The time in seconds before the port will be disconnected if there is no activity on it. A zero value disables this function. Allow remote control (ala RFC 2217) of the serial port Show a banner when clients connect Specifies the number of stop bits used to indicate the end of a frame Specifies which clients are allowed to connect to the server

Please note that the device server does not provide authentication or encryption and clients will be able connect from everywhere. Please consider to restrict access to a limited network/host or block packets by using the firewall.

82

NB3800 User Manual for NRSW version 4.3

When running the serial port as AT modem emulator the following settings can be applied:

Parameter Physical protocol Baud rate Hardware flow control

Serial Port Settings Selects the desired physical protocol on the serial port Specifies the baud rate run on the serial port You may enable RTS/CTS hardware flow control, so that the RTS and CTS lines are used to control the flow of data

Parameter Port

Incoming connections via Telnet The TCP port for the device server

Parameter Number IP address Port

Phonebook Entries Phone number that will get an alias IP address the number will become Port value for the IP address

83

NB3800 User Manual for NRSW version 4.3

5.3.8. Audio

Audio Administration This page can be used to pre-configure the audio module. It can be later used for the voice gateway. It can be configured as follows:

Parameter Volume level

Audio Settings Default volume level for line-out

Audio Testing This page can be used to play or record an audio sample.

84

NB3800 User Manual for NRSW version 4.3

5.3.9. GNSS

Administration
The GNSS page lets you enable or disable the GNSS modules present in the system and can be used to configure the daemon that can be used to share access to receivers without contention or loss of data and to respond to queries with a format that is substantially easier to parse than the NMEA 0183 emitted directly by the GNSS device.
We are currently running the Berlios GPS daemon (version 3.15), supporting the new JSON format. Please navigate to http://www.catb.org/gpsd/ for getting more information about how to connect any clients to the daemon remotely. The position values can also be queried by the CLI and used in SDK scripts.

Parameter Administrative status Operation mode Antenna type Accuracy
Fix frame interval

GNSS Module Configuration
Enable or disable the GNSS module
The mode of operation, either standalone or assisted (for A-GPS)
The type of the connected GPS antenna, either passive or actively 3 volt powered
The GNSS receiver compares the calculated position accuracy based on the satellite information and compares it with this accuracy threshold in meters. If the calculated position accuracy is better than the accuracy threshold, the position is reported. Adjust this parameter to a higher threshold in case the GNSS receiver does not report a position fix, or when it takes a long time to calculate a fix. This could be caused when there is no clear sky view of the GNSS antenna which is the case in tunnels, beside tall buildings, trees, and so on.
The amount of time to wait between fix attempts

If the GNSS module does support AssistNow and the operation mode is assisted the following configuration can be done:

Parameter Primary URL Secondary URL

GNSS Assisted GPS Configuration The primary AssistNow URL The secondary AssistNow URL

Information about AssistNow: If you have a lot of devices in the field that use the AssistNow service, please consider creating your own AssistNow token at http://www. u-blox.com. If there are too many requests per time, the service may not work as expected. If you have further questions, please contact our support.

Parameter Server port

GNSS Server Configuration
The TCP port on which the daemon is listening for incoming connections

85

NB3800 User Manual for NRSW version 4.3

Parameter Allow clients from
Clients start mode

GNSS Server Configuration
Specifies where clients can connect from, can be either everywhere or from a specific network
Specifies how data transferal is accomplished when a client connects. You can specify on request which typically requires an R to be sent. Data will be sent instantly in case of raw mode which will provide NMEA frames or super-raw which includes the original data of the GPS receiver. If the client supports the JSON format (i.e. newer libgps is used) the json mode can be specified.

Please consider to restrict access to the server port, either by a specifying a dedicated client network or by using a firewall rule.

86

NB3800 User Manual for NRSW version 4.3

Position This pages provides further information about the satellites in view and values derived from them:

Parameter Latitude Longitude Altitude Satellites in view Speed
Satellites used
Dilution of precision

GNSS Information The geographic coordinate specifying the north-south position The geographic coordinate specifying the east-west position The height above sea level of the current location The number of satellites in view as stated in GPGSV frames The horizontal and vertical speed in meter per second as stated in GPRMC frames The number of satellites used for calculating the position as stated in GPGGA frames The dilution of precision as stated in GPGSA frames

Furtheron, each satellite also comes with the following details:

Parameter PRN Elevation Azimuth SNR

GNSS Satellite Information
The PRN code of the satelitte (also referred as satellite ID) as stated in GPGSA frames
The elevation (up-down angle between the dish pointing direction) in degrees as stated in GPGSV frames
The azimuth (rotation around the vertical axis) in degrees as stated in GPGSV frames
The SNR (Signal to Noise Ratio), often referred as signal strength

Please note that the values are shown as calculated by the daemon, their accuracy might be suggestive.
Supervision

Parameter Administrative status Mode Max. downtime
Emergency action

GNSS Supervision
Enable or disable GNSS supervision
Specifies whether to monitor the NMEA stream or GPS fixes
The period of time without valid NMEA stream or GPS fix after which an emergency action shall be taken
The corresponding emergency action. You can either let just restart the server, which will also re-initialize the GPS function on the module, or reset the module in severe cases. Please note that this may have effects on any running WWAN/SMS services.

87

NB3800 User Manual for NRSW version 4.3

5.4. ROUTING
5.4.1. Static Routes
This menu shows all routing entries of the system. They are typically formed by an address/netmask couple (represented in IPv4 dotted decimal notation) which specify the destination of a packet. The packets can be directed to either a gateway or an interface or both. If interface is set to ANY, the system will choose the route interface automatically, depending on the best matching network configured for an interface.

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

LOGOUT

Static Routes Extended Routes Multipath Routes Multicast
IGMP Proxy Static Routes BGP OSPF Mobile IP Administration QoS Administration Classification

Static Routes

This menu shows all routing entries of the system, they can consist of active and configured ones. The flags are as follows: (A)ctive, (P)ersistent, (H)ost Route, (N)etwork Route, (D)efault Route (Netmasks can be specified in CIDR notation)

Destination Netmask

Gateway

Interface Metric Flags

192.168.1.0 255.255.255.0 0.0.0.0

LAN1 0 AN

192.168.101.0 255.255.255.0 0.0.0.0

LAN1-1 0 AN

192.168.102.0 255.255.255.0 0.0.0.0

LAN1-2 0 AN

192.168.200.0 255.255.255.0 0.0.0.0

WLAN1 0 AN

Route lookup

NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG
Figure 5.19.: Static Routing
In general, host routes precede network routes and network routes precede default routes. Additionally, a metric can be used to determine the priority of a route, a packet will go in the direction with the lowest metric in case a destination matches multiple routes. Netmasks can be specified in CIDR notation (i.e. /24 expands to 255.255.255.0).

88

NB3800 User Manual for NRSW version 4.3

Parameter Destination Netmask
Gateway Interface Metric Flags

Static Route Configuration
The destination address of a packet
The subnet mask which forms, in combination with the destination, the network to be addressed. A single host can be specified by a netmask of 255.255.255.255, a default route corresponds to 0.0.0.0.
The next hop which operates as gateway for this network (can be omitted on peer-to-peer links)
The network interface on which a packet will be transmitted in order to reach the gateway or network behind it
The routing metric of the interface (default 0), higher metrics have the effect of making a route less favorable
(A)ctive, (P)ersistent, (H)ost Route, (N)etwork Route, (D)efault Route

The flags obtain the following meanings:

Flag

Description

A

The route is considered active, it might be inactive if the interface for this route is not yet

up.

P

The route is persistent, which means it is a configured route, otherwise it corresponds to

an interface route.

H

The route is a host route, typically the netmask is set to 255.255.255.255.

N

The route is a network route, consisting of an address and netmask which forms the

subnet to be addressed.

D

The route is a default route, address and netmask are set to 0.0.0.0, thus matching any

packet.

Table 5.47.: Static Route Flags

89

NB3800 User Manual for NRSW version 4.3

5.4.2. Extended Routing Extended routes can be used to perform policy-based routing, they generally precede static routes.

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

LOGOUT

Static Routes Extended Routes
Multipath Routes Multicast
IGMP Proxy Static Routes BGP OSPF Mobile IP Administration QoS Administration Classification

Extended Routes

Extended routes can be used to perform policy-based routing. In general, they precede any other static routes.

Interface Source

Destination

TOS Route to

ANY

4.4.4.4/32

8.8.8.8/32

any WWAN1

NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

Figure 5.20.: Extended Routing

In contrast to statis routes, extended routes can be made up, not only of a destination address/netmask, but also a source address/netmask, incoming interface and the type of service (TOS) of packets.

Parameter Source address Source netmask Destination address Destination netmask Incoming interface Type of service Route to
discard if down

Extended Route Configuration The source address of a packet The source address of a packet The destination address of a packet The destination address of a packet The interface on which the packet enters the system The TOS value within the header of the packet Specifies the target interface or gateway to where the packet should get routed to Discard packets if the specified interface is down

90

NB3800 User Manual for NRSW version 4.3

5.4.3. Multipath Routes
Multipath routes will perform weighted IP-session distribution for particular subnets across multiple interfaces.

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

LOGOUT

Static Routes Extended Routes Multipath Routes Multicast
IGMP Proxy Static Routes BGP OSPF Mobile IP Administration QoS Administration Classification

Multipath Routes Multipath routes will perform weighted IP-session distribution for particular subnets across multiple interfaces.

Destination 8.8.4.4/32

Distribution
WWAN1 (50%) LAN2 (50%)

NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

Figure 5.21.: Multipath Routes

At least two interfaces have to be defined to establish multipath routing. Additional interfaces can be added by pressing the plus sign.

Parameter Target network/netmask Interface Weight NextHop

Add Multipath Routes Defines the target network for which multipath routing shall be applied Selects the interface for one path Weight of the interface in relation to the others Overrides the default gateway of this interface

91

NB3800 User Manual for NRSW version 4.3

5.4.4. Mobile IP
Mobile IP (MIP) can be used to enable seamless switching between different kinds of WAN links (e.g. WWAN/WLAN). The mobile node hereby remains reachable via the same IP address (home address) at any time, independently of the WAN link being used. Effectively, any WAN link switch causes very small outages during switchover while keeping all IP connections alive.

Moreover, NetModule routers also support NAT-Traversal for mobile nodes running behind a firewall (performing NAT), which makes mobile nodes even there accessible from a central office via their home address, and thus, bypassing any complicated VPN setups.

The home agent accomplishes this by establishing a tunnel (similar to a VPN tunnel) between itself and the mobile node. WAN link switching works by telling the home agent that the WAN IP address (called the care-of address in MIP terms) of the mobile node has changed. The home agent will then encapsulate packets destined to a mobile node’s home address into a tunnel packet containing the current care-of address of the mobile node as its destination address.

To prevent problems with firewalls and private IP addressing, the MIP implementation always employs reverse tunneling, which means that all traffic sent by a mobile node is relayed via the tunnel to the home agent instead of directly being conveyed to the final destination. This fact also empowers MIP to be used as a lightweight VPN replacement (without payload secrecy).

The MIP implementation supports RFCs 3344, 5177, 3024 and 3519. For applications requiring vast numbers of mobile nodes, interoperability with the Cisco 2900 Series home agent implementation has been verified. However, since NetModule routers implement a mobile node as well as a home agent, a MIP network with up to 10 mobile nodes can be implemented without requiring expensive third party routers.

If MIP is run as a mobile node, the following settings can be configured:

Parameter

Mobile IP Configuration

Primary home agent ad- The address of the primary home agent dress

Secondary home agent ad- The address of the secondary home agent. The mobile node will try to

dress

register with this home agent, if the primary home agent is not reach-

able.

Home address

The permanent home address of the mobile node which can be used to reach the mobile router at any time

SPI

The Security Parameter Index (SPI) identifying the security context for

the mobile IP tunnel between the mobile node and the home agent.

This is used to distinguish mobile nodes from each other. Therefore

each mobile node needs to be assigned a unique SPI. This is a 32-bit

hexadecimal value.

Authentication type

The used authentication algorithm. This can be prefix-suffix-md5 (default for MIP) or hmac-md5.

92

NB3800 User Manual for NRSW version 4.3

Parameter Shared secret
Life time UDP encapsulation Mobile network address
Mobile network mask

Mobile IP Configuration
The shared secret used for authentication of the mobile node at the home agent. This can be either a 128-bit hexadecimal value or a random length ASCII string.
The lifetime of security associations in seconds
Specifies whether UDP encapsulation shall be used or not. To allow NAT traversal, UDP encapsulation must be enabled.
Optionally specifies a subnet which should be routed to the mobile node. This information is forwarded via Network Mobility (NEMO) extensions to the home agent. The home agent can then automatically add IP routes to the subnet via the mobile node. Note that this feature is not supported by all third party home agent implementations.
The network mask for the optional routed network

93

NB3800 User Manual for NRSW version 4.3

If MIP is run as a home agent, you will have to set up a home address and network mask for the home agent first. Then you will need to add the configuration for all mobile nodes which is made up of the following settings:

HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM

LOGOUT

Static Routes Extended Routes Multipath Routes Multicast
IGMP Proxy Static Routes BGP OSPF Mobile IP Administration QoS Administration Classification
NetModule Router Simulator Hostname NB1600 Software Version 4.4.0.103 © 2004-2020, NetModule AG

Mobile IP
Mobile IP can be used to move from one network to another while maintaining a permanent IP address and thus avoiding that running IP sessions (including VPN tunnels) must be reconnected.

Administrative status:
Primary home agent address: Secondary home agent address: Home address: SPI: Authentication type: Shared secret: Life time: MTU: UDP encapsulation: Mobile network address: Mobile network mask:

mobile node home agent disabled
194.29.27.205

10.20.0.13 103

(optional)

hmac-md5 ASCII 1800

········

1468 enabled

disabled

(optional)

(optional)

Apply

Figure 5.22.: Mobile IP

Parameter SPI
Authentication type

Mobile IP Node Configuration
The Security Parameter Index (SPI) identifying the security context for the tunnel between the mobile node and the home agent. This is used to distinguish mobile nodes from each other. Therefore each mobile node needs to be assigned a unique SPI. This is a 32-bit hexadecimal value.
The used authentication algorithm. This can be prefix-suffix-md5 (default for mobile IP) or hmac-md5.

94

NB3800 User Manual for NRSW version 4.3

Parameter Shared secret

Mobile IP Node Configuration
The shared secret used for authentication of the mobile node at the home agent. This can be either a 128-bit hexadecimal value or a random length ASCII string.

95

NB3800 User Manual for NRSW version 4.3

5.4.5. Quality Of Service
NetModule routers are able to prioritize and shape certain kinds of IP traffic. This is currently limited on egress, which means that only outgoing traffic can be stipulated. The current QoS solution is using Stochastic Fairness Queueing (SFQ) classes in combination with Hierarchy Token Bucket (HTB) qdiscs. Its principle of operation can be summarized as ceiling the max. throughput per link and shaping traffic by reflecting the specified queue priorities. In general, the lowest priority number of a queue gets most out of the available bandwidth. In case of demands for other class or qdisc algorithms please contact our support team in order to evaluate the best approach for your application.
QoS Administration The administration page can be used to enable and disable QoS.
QoS Classification The classification section can be used to define the WAN interfaces on which QoS should be active.

Parameter Interface Bandwidth congestion
Downstream bandwidth Upstream bandwidth IP to ping (primary)
IP to ping (secondary)

QoS Interface Parameters
The WAN interface on which QoS should be active
The bandwidth congestion method. In case of auto the system will try to apply limits in a best-effort way. However, it is suggested to set fixed bandwidth limits as they also offer a way of tuning the QoS behaviour.
The available bandwidth for incoming traffic
The available bandwidth for outgoing traffic
An IP, which answers ICMP echo requests to determine the bandwidth of the link
An IP, which answers ICMP echo requests to determine the bandwidth of the link

When defining limits, you should consider bandwidth limits which are at least possible as most shaping and queues algorithms will not work correctly if the specified limits cannot be achieved. In particular, any WWAN interfaces operating in a mobile environment are suffering variable bandwidths, thus rather lower values should be used.

96

NB3800 User Manual for NRSW version 4.3

In case an interface has been activated, the system will automatically create the following queues:

Parameter high
default low

QoS Default Queues
A high priority queue which may hold any latency-critical services (such as VoIP)
A default queue which will handle all other services
A low priority queue which may hold less-critical services for which shaping is intended

Each queue can be configured as follows:

Parameter Name Priority Bandwidth
Set TOS

QoS Queue Parameters
The name of the QoS queue
A numerical priority for the queue, lower values indicate higher priorities
The maximum possible bandwidth for this queue in case the total bandwidth of all queues exceeds the set upstream bandwidth of “QoS Interface Parameters”
The TOS/DiffServ value to set on matching packets

You can now configure and assign any services to each queue. The following parameters apply:

Parameter Interface Queue Source
Destination
Protocol Source Port Destination Port Type of Service

QoS Service Parameters The QoS interface of the queue The QoS queue to which this service shall be assigned Specifies a network address and netmask used to match the source address of packets Specifies a network address and netmask used to match the destination (target) address of packets Specifies the protocol for packets to be matched Specifies the source port for packets to be matched Specifies the destination port for packets to be matched Specifies the TOS/DiffServ for packets to be matched

97

NB3800 User Manual for NRSW version 4.3

5.4.6. Multicast

Multicast routing (MCR) can be configured and managed by a daemon. Only one MCR daemon can be used at a time.
NetModule routers ship with two different MCR daemons to select from depending on your dependencies:

Parameter IGMP proxy
static routes
disabled

Administrative Status
Forwarding of multicast messages that are dynamically detected on a given interface to another interface
List of MCR rules to forward messages of ded

References

• autorun.sh
• My Dyn Account
• NetModule | Robust Communication
• Support | NetModule
• Licenses – Open Source Initiative
• Home | u-blox
• start [NetModule Router Wiki]
• app-notes:hayes-modem [NetModule Router Wiki]
• app-notes:hayes-modem-at-simulator [NetModule Router Wiki]
• GPSD redirection page
• The FreeBSD Project
• The GNU Operating System and the Free Software Movement
• GNU General Public License v2.0 - GNU Project - Free Software Foundation
• gnu.org/licenses/gpl-2.0.txt
• gnu.org/licenses/lgpl.txt
• netfilter/iptables project homepage - The netfilter.org project
• NetModule | Robust Communication
• Downloads | Router Software | NetModule
• /index.html
• /index.html
• Business VPN For Secure Networking | OpenVPN
• PHP: Hypertext Preprocessor
• Home | u-blox
• Wireshark · Go Deep

Read User Manual Online (PDF format)

Read User Manual Online (PDF format)  >>

Download This Manual (PDF format)

Download this manual  >>