Home

MC-MRL/MC-MRL-4 MC-MRH/MC-MRH-4 MC-MRE/MC-MRE-4

1. 2 Additional functions 2 1 Router configuration using SSH and XML file 45 2 1 1 Download configuration via SSH 45 2 1 2 Upload configuration via SSH 45 2 2 Sending and receiving IO status email SMS and router status using XML files via the router socket server 46 2 2 1 Sample XML files 46 2 2 2 Functions test using Windows HyperTerminal 47 2 3 Using the integrated GPS receiver in the MC MRH router 48 2 3 1 Activating the GPS function 48 2 3 2 Displaying the GPS coordinates in the web interface 49 2 3 3 Receiving the GPS coordinates as an SMS 49 2 3 4 GPS coordinates as an XML file 49 4 MC Technologies Router program MC TECHNOLOGIES 1 1 Configuration via the integrated web interface 1 1 Preparations 1 Hook the router up to the power supply using connection P1 P2 or POW 2 To configure connect the PC and the router to Ethernet port ETH1 using an Ethernet cable 3 For configuration you will need a browser i e Mozilla Firefox Microsoft Internet Explorer etc on a PC The router must be connected to the power supply The PC to be used for configuration must be connected to an Ethernet port on the router 1 2 Configuration 1 2 1 Configuration via web interface 1 The PC must be set to obtain IP address automatically This is the default setting for PCs 2 Open a browser on the PC Type the IP address default 192 168 0 1 in the address field 4 For authentication purposes a user
2. IPsec SA Encryption AES 128 default AES 192 AES 256 3 DES IPsec SA Hash The setting all accepts either MD5 or SHA 1 IPsec SA Lifetime Life cycle in seconds for the key specified for IPsec SA 28800 seconds 8 hours default 86400 seconds 24 hours maximum Perfect Forward Yes Perfect Forward Secrecy activated Sec PFS No Perfect Forward Secrecy deactivated DH PFS Group Key exchange procedure Diffie Hellman groups for Internet Key Exchange IKE 5 modp1536 High encryption 2 modp1024 Normal encryption default Rekey Yes A new key will be brokered No No new key will be brokered Dead Peer Detection Recognition of validity and resulting action in case of interruption of IPsec connection Yes Dead Peer Detection activated i e Restart at VPN Initiate No No Dead Peer Detection DPD Delay Time interval to next check DPD Timeout Time period after which the connection to the remote peer should be declared inactive Default value 120 seconds Maximum 86400 seconds 24 hours 1 7 1 2 Certificates The router authenticates itself to the remote peer with a certificate that can be uploaded onto the router By clicking Apply you upload the certificate onto the router Logout MC MRH Status Local Network Wireless Network Load Remote Certificate cer crt Network Security i VPN Upload Datei ausw hlen Keine Datei ausgew hlt Apply Load Own PKCS 12 Certificate p1
3. 22 MC Technologies Router program MC TECHNOLOGIES 1 7 VPN 1 7 1 IPsec 1 7 1 1 Connections IPsec Internet Protocol Security is a security protocol used for communicating over IP networks For a VPN connection the IP addresses of the VPN remote peers must be known and addressable The VPN remote peer must support IPsec with the following configuration Authentication by X 509 certificates or Preshared Secret Key PSK ESP Diffie Hellman Group 2 or 5 3DES or AES encryption MD5 or SHA 1 hash algorithms Tunnel mode Quick mode Main mode SA lifetime 1 second to 24 hours O Logout Status IPsec Connections Local Network N Wireless Ne Monitor DynDNS o Network Security Check interval 600 sec VPN 4 Enabled Name Yes Router if 3 R No vpn2 No vpn3 No vpn4 No vpn5 No vpn vpn e ellk E El 5 E El el fel fe E E vpn IPsec Connections Monitor DynDNS If DynDNS is used as Remote Host the Monitor DynDNS function should be set to Yes Check interval Check interval in seconds Enabled Activate or deactivate VPN connection Name Arbitrary name of VPN connection Settings VPN connection settings IKE The Edit menu includes settings to establish IKE Internet Key Exchange protocol automatic key management for IPsec see Page 25 User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MR
4. Wireless Network Firewall Disabled Enabled Network Security Port forwarding via NAT table Disabled Enabled A Ssa Block outgoing Netbios Disabled Enabled NAT table Ping ICMP external Disabled Enabled Hia External SNMP access Disabled Enabled System External web based management via HTTP Disabled Enabled NAT Masquerade external Disabled Enabled Device access via SSH Disabled QEnabled External access via SSH ODisabled Enabled General Set up Firewall Disabled The integrated firewall is deactivated no filtering of data packets Enabled The integrated firewall is activated default Port forwarding Disabled Port forwarding via NAT table is blocked via NAT table Enabled Port forwarding via NAT table is allowed Block outgoing Netbios Disabled Outgoing NetBIOS requests are allowed Enabled Outgoing NetBIOS requests are blocked default Ping ICMP external Disabled A ping request from the external IP network to the router is ignored default Enabled A ping request from the external IP network to the router is returned External SNMP access Disabled Remote SNMP Access is not possible Enabled Remote SNMP Access is possible External Web based Disabled External configuration via the web interface is not possible default Management via HTTP Enabled External configuration via the web interface is possible NAT Masquerade Disabled No IP masquerading performed external Enabled IP masquerading is acti
5. 1 9 6 ComSERVER Only for MC Router with RS232 or RS485 interface on X1 For remote access to terminal equipment with a serial interface a virtual COM port connection can additionally be established over long distances as a standard router function MC Technologies MC MRL MC MRH and MC MRE routers are optionally equipped with an RS232 or RS485 interface at X1 for this purpose For detailed information please refer to the MC Technologies Application Note 41 Router COM Port connection via MC router RS232 RS485 ee ever ocal iensor eS Wireless Network Status Disabled Enabled Network Security Connection Type Server RFC 2217 ne N Server Port default 3001 3001 System Flow control RFC 2217 Hardware Apply Software Web Configuration User Log Configuration Log File ComSERVER Status Disabled The ComServer is deactivated Enabled The ComServer is activated Connection Type Server RAW Usage without RFC 2217 Client Server Protocol Server RFC 2217 Usage with RFC 2217 Client Server Protocol Server Port default 3001 Set the TCP port via which the ComServer is to be addressed Flow control Set flow control RFC 2217 With an RS232 application RS485 RTS With an RS485 application Ea Note RFC 2217 is a Standard Client Server Protocol used as a standard protocol when using multiple device servers ComServer The RFC 2217 protocol allows for the use of various COM port redirector softw
6. Configuration Up Download RTC Reboot Firmware Update Configuration Up Download Download Download Store the current configuration in a file on a connected PC USB stick Store the current configuration in a file on a USB stick inserted into the router SD card Store the current configuration in a file on the internally inserted SD card The SD card slot can be accessed by opening the rear housing panel XML format Check this box to save the configuration in XML format Upload Upload a stored configuration Reset to Factory Defaults The configuration is set to factory default settings VPN certificates stored in the router are not affected Eu Note Configuration using SSH and XML file The transfer of an XML file for router configuration can also be carried out using the SSH protocol via the local Ethernet interface or in remote operation Please follow the description under 2 1 Page 45 42 MC Technologies Router program MC TECHNOLOGIES 1 9 10 RTC Setting the time and date Time Server MC MRL Logout Status Real Time Clock RTC Local Network ae ee WC Nahas New Time 2014 06 06 23 01 Enj Set Network Security VEn NTP Synchronisation Disabled Enabled System Hardware Bae Ba Timezone GMT 01 00 Amsterdam Berlin Bem User cael Daylight saving time Disabled Enabled Log File SMTP Configuration Sa goa ea rs Up Download Time Server Disabled Enabled ne Apoy at Rebo
7. Initiate on Call Connection established after valid call Iniatiate on Input Connection established after switch signal on IN of the I O interface Autoreset Click here and set a time in minutes after which the connection should be automatically disconnected IPsec Connection IKE gt Edit MC MRL Logout Status IPsec Internet Key Exchange Settings Local Network Wireless Network ee wens Network Security VPN Phase 1 ISAKMP SA Psec ISAKMP SA Encryption AES 128 z k fa aoe ISAKMP SA Hash all X Status ISAKMP SA Lifetime 3600 sec OpenVPN 1 0 System Phase 2 IPsec SA IPsec SA Encryption AES 128 IPsec SA Hash all IPsec SA Lifetime 28800 Sec Perfect Forward Secrecy PFS Yes DH PFS Group 2 modp1024 Rekey Yes v Dead Peer Detection Yes v DPD Delay 30 Sec DPD Timeout 120 sec Settings IPsec Connection IKE IPsec Internet Key Name of the VPN connection Exchange Settings Phase 1 ISAKMP SA ISAKMP SA Encryption AES 128 default AES 192 AES 256 3 DES ISAKMP SA Hash The setting all accepts either MD5 or SHA 1 ISAKMP SA Lifetime Life cycle of a key in seconds 3600 1 hour User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 25 MC TECHNOLOGIES IPsec Connection IKE Phase 2 IPsec SA Unlike Phase 1 ISAKMP SA key exchange this is where the procedure for Data exchange is determined It can differ from the key exchange procedure
8. OpenVPN Status Active OpenVPN Connections Name Remote Host Status LAB2 217 91 89 124 1194 OpenVPN Status Active OpenVPN Status of the active VPN connection Connections 32 MC Technologies Router program MC TECHNOLOGIES 1 8 1 0 The router has an I O input and output Input Output The router input behaves as follows Input Low An input voltage of less than 5 6 volts is recognized as a Low signal Input High An input voltage over 5 6 volts is recognized as a High signal The maximum input voltage is 30V Input current is limited to max 4mA The physical behaviour of the router output is as follows Output Low The output is highly resistant Output High The operating voltage 10 30V minus approx 0 5V is switched to the outside Its maximum load is 180 mA following which the current limiter will be activated and the voltage will drop Example If the router is operated using 24V the Output High at the output will be approx 23 5V In the case of Output Low there will be OV at the output 1 8 1 Inputs The switch input can be used to send SMSs or email Please check to see if the switch input is already being used to start a VPN connection If so it will not be possible to use it to send SMS or emails Logout Status inputs Local Network rare Wireless Network 4 High SMS Edit Network Security Low Low eMail Edit VPN O Apply Inputs Outputs Phonebook Socket Se
9. VPN amp 0 System SIM SIM1 Country Preselection of the country in which the router should operate Under the menu option Provider you can then select the mobile service provider of the selected country PIN PIN entry for SIM card SIM1 Roaming Set up for use of third party cellular networks Enabled The router can log onto third party networks The Auto setting selects the provider with the strongest signal This may result in additional cost depending on the mobile service contract Alternatively you can choose a provider yourself Disabled Roaming is deactivated and only the local network of the provider is used If this network is not available the router cannot connect to the Internet Provider Selection of the provider via which the router connects to the Internet The selection changes according to the country selected under Country in the menu Auto The router selects the provider automatically Username User name for access Password Password for access The user name and the password are given to you by your mobile service provider Do not leave the user name and password blank during configuration even if the mobile service provider does not require any specific input APN The APN is given to you by your mobile service provider APN Access Point Name is the name of the access point in the mobile service provider s packet data network Authentication The default setting is All protocols Some
10. name and password must be entered The default settings for the user name and password are both admin which should be entered in the corresponding fields For your security the password setting can be changed at any time using the System User menu item on the web interface see Page 39 1 2 2 Local IP address is not longer known configuration button To reconfigure the router using the default IP address you will need to use the configuration button on the rear side of the device This function depends on the setting you defined in Section 1 9 3 Reset button Web access reset The router is set to Web access reset unless you change the default setting Press the configuration button for at least 5 seconds using a pointed object The router web interface can be temporarily readdressed using the default IP address 192 168 0 1 for the Ethernet LAN connection The configuration settings will not be lost when doing so i Important note The router does not supply any IP address to the connected PC via DHCP You must thus assign a fixed IP address to the PC e g 192 168 0 2 default gateway 192 168 0 1 You will now have access to web management using the default access data Please check the settings for the router IP address user name and password and make any changes required Factory reset You changed the setting to Factory reset see Item 1 9 3 System Configuration Reset button Press the configura tion button for a
11. providers require a specific authentication setting refuse MSCHAP CHAP only PAP only here Consult your provider if necessary User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 13 MC TECHNOLOGIES 14 1 5 3 Back up SIM SIM2 Settings for the back up mobile connection via SIM2 MC MRL O Logout Status oe Country Germany bi Network Connections VO Status Routing Table PIN sees DHCP Leases warn Local Network Roaming O Disabled Enabled Wireless Network Provider Auto Radio Setup SIM r Backup SIM Usemame IN SMS Configuration Password Packet Data Setup Static Routes APN web 20004 ga ee Authentication All Protocols Connection Cneck Network Security VPN a O System Back up SIM SIM2 The same settings apply here as for Item 1 5 2 SIM SIM1 see Page 13 The second SIM card SIM2 is located inside the router housing To insert or remove the SIM2 card remove the back panel of the router 1 5 4 SMS Configuration Controlling the mobile router by SMS Under SMS Control click Enabled Define an SMS password for security The password can comprise up to 7 alphanumeric characters SMS Syntax Commands are inputs using the following SMS syntax lt password gt lt command gt lt password gt A Z 0 9 ii Up to 7 alphanumeric characters lt command gt SET lt sub_cmd gt Set command ON lt command gt CLR lt sub_cm
12. side of the tunnel Port Forwarding Forwarding with the setting described under 1 7 2 2 Host Forwarding Forwarding to the fixed IP address of a connected terminal device Forward to local Host Encryption Encryption algorithm for the OpenVPN connection OpenVPN Tunnel Preshared Secret Key Authentication Preshared Secret Key Preshared Secret Key None Remote Interface 17216 02 Local Interface 172 16 0 1 Address Remote Network 192 168 9 0 24 Connection NAT None Encryption BLOWFISH 128 Bit Authentication Preshared Secret Key authentication procedure with a static key Preshared Key Preshared Secret Key Ascertains preshared secret key the router uses to identify itself to the VPN remote peer Remote Interface Virtual remote IP address of the remote peer certificate type Certificate Type Local Interface Virtual local IP address of the router Address Remote Address range of the remote network Network Connection NAT None No forwarding Local 1 1 NAT One to one forwarding to a local network NAT to local network Local Masquerding The packets going out through the tunnel are rewritten to the source address of the router to allow equipment on the router access to the other side of the tunnel Port Forwarding Forwarding with the setting described under 1 7 2 2 Host Forwarding Forwarding to the fixed IP address of a connected terminal device Forward to local Host Encryption Encryption algorithm for
13. the OpenVPN connection User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 29 MC TECHNOLOGIES OpenVPN Tunnel User name Password Authentication Usemame Password v CA Certificate None Check Remote Certificate Type O Username Password Connection NAT None X Encryption BLOWFISH 128 Bit Authentication Username Password Set up of user name and password CA Certificate Enter the OpenVPN server CA certificate Check Remote Specifying whether the remote certificate should be evaluated Certificate Type Username Enter user name Password Ente password Connection NAT None No forwarding Local 1 1 NAT One to one forwarding to a local network NAT to local network Local Masquerading The packets going out through the tunnel are rewritten to the router source address so that equipment on the router can access the other side of the tunnel Remote Masquerading The packets coming in through the tunnel are rewritten on the local router address Port Forwarding Forwarding with the setting described under 1 7 2 2 Host Forwarding Forwarding to the fixed IP address of a connected terminal device Forward to local Host Encryption Encryption algorithm for the OpenVPN connection Keep Alive Keep Alive Restart Keep Alive Time period in seconds after which Keep Alive requests should be sent These requests test whether the remote peer is still available Default setting 30
14. with PUK Wrong PIN Wrong PIN configured in the router No SIM Card Put SIM card in Power off The GSM module is still off Signal level Display receive level Packet data Offline No packet data connection GPRS online Active GPRS connection EDGE online Active EDGE connection UMTS online Active UMTS connection HSDPA HSUPA online Active HSDPA HSUPA connection LTE online Active LTE connection SIM 1 IMSI Specification of IMSI International Mobile Subscriber Identity by the SIM card Local area code Number in cellular network via current location Cell ID Clear recognition of a GSM cell in the cellular network 6 MC Technologies Router program MC TECHNOLOGIES 1 3 2 Network Connections Status information on mobile connection and on local Ethernet network Logout Status __ Network Connections Radio Wireless Network Network Connections A I O Status Link TCP IP connected Ti Table IP Address 37 84 74 12 DH Leases Local Newark Netmask 255 255 255 248 IP Configuration DNS Server 10 74 210 210 DHCP Server Sec DNS Server 10 74 210 211 Static Routes Wireless Network Expires 6601 sec Network Security RX bytes 4 194 364 VPN a 1 0 TX bytes 142590 System Local Network Link connected IP Address 192 168 196 253 Netmask 255 255 255 0 Network Connections Wireless Network Link TCP IP connected Active GPRS EDGE UMTS HSPA or LTE packet data connection in cellular network VPN connec
15. 1 3 4 ComSERVER Only for MC Router with RS232 or RS485 interface on X1 8 1 3 5 Routing Table 8 1 3 6 DHCP Leases 9 1 4 Local Network 1 4 1 IP Configuration 9 1 4 2 DHCP Server 10 1 4 3 Local Static Routes 11 1 5 Wireless Network 1 5 1 Radio Set up 12 1 5 2 SIM SIM1 13 1 5 3 Backup SIM SIM2 14 1 5 4 SMS Configuration 14 15 1 5 5 Packet Data Set up 16 1 5 6 Wireless Static Routes 17 1 5 7 DynDNS 18 1 5 8 Connection Check 18 1 6 Network Security 1 6 1 General Set up Firmware 1 xx x 19 20 1 6 1 General Set up Firmware 2 xx x 20 1 6 2 Firewall 21 1 6 3 NAT Table Port forwarding 22 1 7 VPN 1 7 1 IPsec 1 7 1 1 Connections 23 25 1 7 1 2 Certificates 26 27 1 7 1 3 Status 27 1 7 2 OpenVPN 1 7 2 1 Connections 28 30 1 7 2 2 Port Forwarding 31 1 7 2 3 Certificates 31 32 1 7 2 4 Static Keys Preshared Key 32 1 7 2 5 Status 32 1 8 I O 1 8 1 Inputs 33 1 8 2 Outputs 33 34 1 8 3 Phonebook 34 1 8 4 Socket Server 34 1 9 System 1 9 1 Hardware 35 1 9 2 Software 36 1 9 3 System Configuration 36 38 1 9 4 User 39 1 9 5 Log File 39 1 9 6 ComSERVER Only for MC Router with RS232 or RS485 interface on X1 40 1 9 7 SMTP configuration 40 41 1 9 8 SMTP configuration sending emails 41 1 9 9 Configuration Up Download 42 1 9 10 RTC Setting the time and date Time Server 43 1 9 11 Reboot restarting the router 4 4 1 9 12 Firmware Update 44 User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 3 Mc TECHNOLOGIES
16. 2 Upload Password Remote Certificates Name Router crt Own Certificates Name RoutersS pi2 CA Certificate Machine Certificate Private Key 26 MC Technologies Router program IMC TECHNOLOGIES Certificates Load Remote Upload Upload the remote peer certificate cer crt Certificate Under VPN gt IPsec gt Connections gt Settings gt Edit you assign the certificate for the VPN connection Load Own PKCS 12 Upload Upload the certificate in PKCS 12 format xxx p12 to be used for the local router Certificate Under VPN gt IPsec gt Connections gt Settings gt Edit you assign the certificate to the VPN connection Password Enter the password given during exporting Remote Certificates List of imported cer crt certificates Delete Delete a certificate Own Certificates List of imported PKCS 12 certificates Delete Delete a certificate 1 7 1 3 Status Logout Status Local Network IPsec Status Wireless Network Active IPsec Connectic Network Security i soo IEE VPN Name Remote Host ISAKMP SA IPsec SA IPsec l vpn1 84 46 116 88 IPsec Status Active IPsec An active VPN connection is indicated by a green symbol Connections Router Programm Anwenderhandbuch Webinterface Stand 07 2014 27 MC TECHNOLOGIES 28 1 7 2 OpenVPN 1 7 2 1 Connections Tunnel 1 and 2 OpenVPN establishment of a virtual private network VPN via an encrypte
17. Conne jons Current Address lO Status IP Address 192 168 0 1 Routing Table Subnet Mask 2562552550 DHCF Leases Local Network Type of the IP address assignment Static Address Alias Addresses IP Configuration A DHCP Server f Static Routes Wireless Network IP Address Subnet Mask Network Secunty VPN 1 0 System IP Configuration Current Address IP Address Current local IP address of the router If you forget the IP address and would like to configure the router follow the instructions under 1 2 Configuration on Page 5 Subnet Mask Current subnet mask Type of IP address Static default The IP address has been set assignment DHCP The IP address and the subnet mask are obtained dynamically from a connected DHCP server Alias Addresses IP Adress Alias addresses how the router can be reached alternatively up to eight other IP addresses Subnet Mask Click New and add the other IP addresses as well as the corresponding subnet masks User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 9 MC a 1 4 2 DHCP Server An IP address can be allocated automatically to local equipment connected via Ethernet using DHCP Dynamic Host Configuration Protocol MC MRL Logout Status DHCP Server Radio ar P dE Network Connections TUES SME CEPON Bhs VO Status Domain Name example net eS Lease Time d h ms 24h Local Network IP Con
18. For a test in Windows the programme HyperTerminal can be used Hyperterminal can be used to send XML files to the router socket server The corresponding XML files see 2 2 1 must first be stored on your user PC Open Hyperterminal and configure the desired connection The example given uses the default settings Host address 192 168 0 1 Router Socket Server IP Address Connection number 1432 Socket Server Port Establish connection via TCP IP Winsock Verbinden mit B F Test Geben Sie die Rufnummer ein die gew hlt werden solk Land Region Deutschland 49 v Ortskennzahl Verbinden mit DB F Test Geben Sie Informationen f r den anzurufenden Host ar Hostadresse 192 168 0 1 Anschussnumer pa Open the connection In the HyperTerminal menu Transfer send text file select the XML file to be transferred F Test HyperTerminal De 83 0B E Datei senden Datei empfangen Text aufzeichnen Am Drucker aufzeichnen After transfer is complete HyperTerminal displays the answer to your query 2 3 Using the integrated GPS receiver in the MC MRH router This function is only available to you if you have an MC MRH router with a GPS antenna connection The GPS coordinates longitude and latitude can be made available in different ways e Inthe web interface under Status Radio e By SMS as a reply to an SMS status request e Asareply from the integrated socket server aft
19. H 4 MC MRE MC MRE 4 05 2015 23 MC TECHNOLOGIES IPsec Connection Settings gt Edit IPsec Connection Settings IPsec Connection Settings Name vpn Name vpni VPN Disabled Enabled VPN Disabled Enabled Remote Host Authentication X509 Remote Certticate EJ Remote Certificate None E Authentication X509 Remote Certificate B Local Certificate None E Remote Certificate None B Remote ID Local Certificate None B Local ID Remote ID Local ID Virtual Remote Address 15716397 Address Remote Network 197 168 9 0 24 Address Remote Network 192 168 9 0 24 Address Local Network 192 168 0 0 24 Address Local Network 192 168 0 0 24 Connection NAT None Connection NAT None Remote Connection Accept z Remote Connection Autoreset 60 min Autoresel Remote Connection Accept Remote Connection Initiate IPsec Connection Settings Name Name of the VPN connection VPN Active Enabled Inactive Disabled Authentication X 509 Remote Certificate Each VPN participant has a private secret key as well as a public key in the form of a X 509 certificate which contains further information about its owner and a certification authority CA Preshared Secred Key PSK Each VPN participant knows a shared password X 509 Remote CAuth Like an X 509 certificate but with entry of the user name and password e g when using Shrew Soft as a VPN client Remote Certificate VPN remote peer certificate The certificate must be loade
20. SIM active if a connection to the provider of the standard SIM SIM1 for the set provider timeout period fails The duration of the back up SIM SIM2 is determined by setting the back up runtime After this period the standard SIM is reactivated Always Only the back up SIM SIM2 is active Input 1 Switch to back up SIM SIM2 if input 1 high is on level Provider Timeout Amount of time in minutes after which the back up SIM card SIM2 should be switched to if the primary cellular network SIM1 is down Backup Runtime Amount of time in hours after which the primary cellular network SIM1 should be switched back on Daily relogin Disabled Deactivate daily login Enabled Activate daily login Daily login first attempts to log onto primary cellular network SIM1 Time Time of day at which the router independently logs out of the cellular network and logs back in Relogin first attempts to log onto primary cellular network SIM1 12 MC Technologies Router program MC TECHNOLOGIES 1 5 2 SIM SIM1 Settings for the primary mobile connection via SIM1 t Logout Status ae Connections Country casas s I O Status Routing Table FIN Prem DHCP Leases Local Network Roaming D Disabled Enabled Wireless Network Provider Auto Radio Setup SIM A Backup SIM Username Facket Data Setup Static Routes APN internet2000 DynDNS Authentication All Protocols Connection Check Network Security
21. Security None System Authentication Plain Password Hardware Software System Configuration Usemame Password From F Configuration Up Download RTC Reboot Firmware Update SMTP Configuration SMTP Server Host name or mail server IP address Server Port default 25 Mail server port Transport Layer Security None Unencrypted connection to the mail server STARTTLS After STARTTLS encrypted connection to the mail server SSL TLS Encrypted connection to the mail server via SSL TLS Authentication No authentication No authentication required Plain Password Authentication using user name and password Encrypted Password Authentication using user name and password plus encrypted transmission Username User name for logging onto the mail server Password Password for logging onto the mail server From Sender s email address User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 41 MC TECHNOLOGIES 1 9 9 Configuration Up Download The configuration can be stored as a CFG file default or as an XML file on the user PC Configurations stored on this PC can be uploaded to the router MC MRL O Logout Status Configuration Up Download Local Network a Wireless Network Download XML format Network Security 7 ie Upload Keine Datei ausgew hlt Apply System Hardware Reset to Factory Defaults Software System Configuration User Log File SMTP Configuration
22. TPS port default443 Alter the https default port here Certificate validity Validity of the https certificate in days HTTPS certificate Renew certificate Local generation of an https certificate Click again to renew the certificate Log Configuration Log files can be saved on an external log server via UDP ERE Fedio Lag Canfiguratian menik Someone Seo Sates FemaeUDP Logging Disable Enable Riuairny Talie Hameri Address Maaranen SWE anerem pa arias sea taner Potidetaut 914 Son valatile Leg UER Sid USE Slap oyal doo Slat snes fuel Weve Lardy dee Lirimet LiL Files aM onhguraton Coie Lp Oceanic RT Rebceat Finmarare Upare Log Configuration Remote UPD Logging Disabled No logging on external server Enabled Logging on external server Server IP address Server IP address Server Port default 514 Server port Non volatile Log Disabled Logging on the internal RAM USB stick Logging on the USB stick on the front plate SD card Logging on internal SD card The SD card is not included in the scope of delivery User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 37 MC TECHNOLOGIES Load Configuration Load configuration Disabled Configuration unlock once Load configuration Load Configuration Disabled Uploading of the configuration from a USB stick or internal SD card is deactivated USB stick A configuration from a
23. The integrated firewall is activated default Port forwarding Disabled Port forwarding via NAT table is blocked via NAT table Enabled Port forwarding via NAT table is allowed Block outgoing Netbios Disabled Outgoing NetBIOS requests are allowed Enabled Outgoing NetBIOS requests are blocked default Ping ICMP external Disabled A ping request from the external IP network to the router is ignored default Enabled A ping request from the external IP network to the router is returned Web based Management Disabled External configuration via the web interface is not possible default external Enabled External configuration via the web interface is possible NAT Masquerade Disabled No IP masquerading performed external Enabled IP masquerading is activated Communication from a private local network to the Internet is allowed default Device access via SSH Disabled Local SSH access to the router is not possible default Enabled Local SSH access to the router is possible External access via SSH Disabled Remote SSH access to the router is not possible default Enabled Remote SSH access to the router is possible 1 6 2 General Setup Firmware 2 xx x These settings apply for routers with 2 xx x firmware see Release Version under System Hardware FE Important note Routers with Release 1 xx x firmware cannot be updated to Version 2 xx x Please contact the manufacturer MC MRH Logout gar rele
24. USB connected to the router has been uploaded SD card A configuration from the internal SD card has been uploaded If the upload was successful the setting is automatically set to Disabled The setting must be reconfigured to USB stick or SD card for a new upload Note The internal SD card slot is accessible by removing the back cover Configuration unlock once The configuration is only uploaded once from the storage medium USB stick or SD card always The configuration is always uploaded from the storage medium USB stick or SD card after the router is booted by Input 1 The configuration is uploaded from the storage medium USB stick or SD card when there is a High signal from the input I O Click Apply to save your configuration Reset button To reconfigure the router using the default IP address or to set the configuration to the factory default settings you will need to use the configuration button on the rear side of the device See Item 1 2 2 The following settings allow you to define which function should be permanently assigned to the configuration button Reset button Web access reset Apply Reset button Reset button Web access reset Press the reset button to readdress the router web interface using the default IP address 192 168 0 1 for the Ethernet LAN connection The configuration settings will not be lost when doing so Factory reset Press the reset button to readdress the
25. User Manual Web Interface MC Technologies Router MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 Router Description Mobile radio routers were designed for industrial use They allow switching as needed between mobile radio routers with high and medium bandwidth Advantages at a glance e Easy expansion of protected networks e High security data transfer via IPsec or OpenVPN tunnel plus integrated firewall e Easy and identical configuration of router family via integrated web server USB stick or remote Compatible with mobile networks world wide can be used internationally Event alerts by SMS and email e Top hat rail mounting e Integrated logbook records device specific events e Use of applications with RS232 RS485 or M Bus interfaces on demand only MC MRL MC MRH MC MRE e Use of integrated GPS receiver for positioning on demand only MC MRH MC MRH 4 e Delivered ready to use including power supply plug Ethernet connecting cable and mobile radio antenna e SIM cards are not included in the standard scope of delivery MC Technologies Router program MC TECHNOLOGIES Contents 1 Configuration via the integrated web interface 5 1 1 Preparations 5 1 2 Configuration 1 2 1 Configuration via web interface 5 1 2 2 Local IP address is not longer known configuration button 5 1 2 3 Resetting all parameters 5 1 3 Status 1 3 1 Radio 6 1 3 2 Network Connections 7 1 3 3 I O Status 8
26. ahlt Password Psec at Load CA Certificate crt part Forward Upload Keine Datei ausgew hlt Static Keys Status Name Own Certificates CA Certificates Name User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 31 MC TECHNOLOGIES Certificates Load Own PKCS 12 Upload Upload the certificate in PKCS 12 format xxx p12 to be used for the local router Under VPN gt OpenVPN gt Client you can assign one of these certificates to each VPN connection under Local Certificate Password _ Password with which the PKCS 12 file is protected during export Load CA certificate Upload Upload the CA certificate crt a Own Certificate Name Display the uploaded certificates and keys CA Certificate Name Display the uploaded CA certificates and keys 1 7 2 4 Static Keys Preshared Key MC MRL Logout Status OpenVPN static Keys Local Network Wireless Network Generate static Key Network Security VPN Load static Key Psec pn OpenVPN Upload Durchsuchen Keine Datei ausgewahlt Connections Port Forwarding Certificates Static Keys A Status m0 System Static Keys Generate static Key Click on Save to generate and save a static key file Load static Key Upload Upload the static key file The same file must be uploaded to the remote peer s OpenVPN server Static Keys List of uploaded static key files 1 7 2 5 Status
27. ares for virtual Com Port Interfaces on the PC 1 9 7 SMTP configuration SNMP Configuration System Information Name of Device Description Physical location Contact SNMPv1 v2 Community Enable SNMPvi v2 access No Yes Read only pubie Read and write Trap Configuration Trap manager IF address Port Target Community pel Sending traps ODisabled Enabled Apply 40 MC Technologies Router program MC TECHNOLOGIES SNMP Configuration System information Name of Device For example Device name Description Short description Physical location For example name of the location Contact For example The admin s email address SNMPv1 v2 Community Enable SNMPv1 v2 access Yes SNMP is supported No SNMP is not supported Read Only Password for read only access Read and write Password for read and write access Trap Configuration Trap Manager IP address__Enter the recipient s IP address Port Port Default 162 Target Community Recipient s password Sending traps Disabled No traps are sent Enabled Traps are sent 1 9 8 SMTP configuration sending emails To send emails as described under 1 8 1 Input page 33 an email server must be configured with the support of the SMTP protocol Please use your selected email account s access data Mc MRL Logout Status Local Network amp Wireless Network SUE See Network Security Server Port default 25 25 VPN 3 1 0 Transport Layer
28. boot pscp scp pw admin config xml admin 192 168 0 1 tmp cfg xml plink 2 pw admin admin 192 168 0 1 su c usr sbin store_cfg tmp cfg xml b With subsequent router reboot pscp scp pw admin config xml admin 192 168 0 1 tmp cfg xml plink 2 pw admin admin 192 168 0 1 su c usr sbin store_cfg tmp cfg xml sbin reboot wi User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 45 MC MC TECHNOLOGIES TECHNOLOGIES 2 2 Sending and receiving IO status email SMS and router status using XML files via the router socket server The router includes an integrated socket server and can do the following by receiving XML files 1 Set and query I O signals 2 Send messages such as email and SMS 3 Query router status To use these functions the socket server must be set to Enabled as described under 1 8 4 Page 34 The socket server port can be freely configured the default setting is port 1432 MC MRL Cl Logout Status Local Network Pe E Wireless Network Socket Server D Disabled Enabled Network Security Server Port default 1432 1432 VPN XML Newline Char Fy XML Bool Values Verbose io Inputs Outputs Phonebook Socket Server 6 Jtem 46 MC Technologies Router program MC MC TECHNOLOGIES TECHNOLOGIES 2 2 1 Sample for XML files The following are a few examples of XML file content Example Setting and querying the I O signal
29. d ahead of time Local Certificate Local certificate with which the router identifies itself to the VPN remote peer machine certificate PKCS 12 The certificate must be loaded ahead of time Remote ID If the field is left empty default the information from the certificate is used Name for identification by remote peer This must correspond to the information from the router certificate Local ID If the field is left empty default the information from the certificate is used The local ID allows you to set the name with which the router identifies itself to the remote peer For more details see Remote ID Virtual Remote Virtual remote IP address when using clients that cannot connect networks Address e g PC with Shrew Soft VPN software smartphones etc Address Remote IP address subnet mask of the remote network to which the VPN connection needs to be established Network 24 MC Technologies Router program MC TECHNOLOGIES IPsec Connection Settings Address Local IP address subnet mask of the local network Network Connection NAT None No NAT on other IP addresses Local 1 1 NAT gt NAT to local Network 1 to 1 NAT on the local network Setting of the start IP address Remote Connection Direction of connection establishment Accept Wait for the remote peer to establish the connection Initiate The router establishes the connection Initiate on SMS Connection established after reception of valid SMS
30. d connection Two OpenVPN tunnels can be set up at the same time Tunnel 1 and Tunnel 2 The configuration of Tunnel 1 and Tunnel 2 is identical OpenVPN Connections 4 Logout Status OpenVPN Connections Local Network Wireless Network Network Security Enabled Name Tunnel Advanced VPN Yes tunnell gia iP vee i OpenVPN No tunnel Edit Connections Port Forwarding Certificates Static Keys Status Select an OpenVPN connection and click Edit OpenVPN Tunnel Logout Status OpenVPN Tunnel Local Network et Name Wireless Network tunneli Network Security VPN Disabled Enabled VPN Remote Host Psec Remote Port 1194 Ei Protocol UDP In Port Forwarding Certificates Static Keys Allow Remote Float Fi Status Redirect Default Gateway C Local Port g LZO Compression Disabled Name Arbitrary name of OpenVPN connection VPN Enabled OpenVPN Tunnel activated Disabled OpenVPN Tunnel deactivated Remote Host IP address or URL of the remote peer to which the tunnel will be established Remote Port Port of the remote peer to which the tunnel will be established default 1194 Protocol Protocol selection UDP or TCP LZO Compression Disabled Switched off or not allowed Adaptive Data adaptive compression switched on Yes Switched on but can be switched off from the server No Switched off but can be switched on from the server Enabled Compression allow
31. d gt Clear command OFF lt sub_cmd gt OUTPUT Output set to ON OFF lt sub_cmd gt IPSEC IPsec VPN 1 ON OFF lt sub_cmd gt IPSEC n II IPsec VPN n ON OFF n 1 x lt command gt SEND STATUS II Send a status SMS to the caller lt command gt RESET Reset all alarms lt command gt REBOOT Router reboot Example Turn on the I O interface output The example password is pw1212 The SMS sent to the router s call number should then have the following content pw1212 SET OUTPUT MC Technologies Router program MC TECHNOLOGIES Forwarding an SMS to a socket server The router can forward received SMS messages to a terminal device through the Ethernet interface A socket server must be installed on the terminal device to receive XML files Under SMS forward click Enabled Enter the recipient s IP address and the port of the terminal device you want to talk to The default value for the server is Port 1432 The received SMS is forwarded in the following example format Important note i The call number should be included as an entry in the phonebook see Page 34 in order for the router to identify it Example lt xml version 1 0 gt lt cmgr origaddr 49172123456789 timestamp 10 05 21 11 27 14 08 gt SMS message lt cmgr gt origaddr Sender s call number timestamp Time stamp of the Service Centre in GSM 03 40 format MC MRL Logout Status SMS Configuration Radio ao Ty F
32. ditionally indicating Port 80 The port can be changed here if needed Example using router address 192 168 0 1 Web interface address 192 168 0 1 or 192 168 0 1 80 Logout Status Local Network Wireless Network Network Security VPN O System Hardware Software A System Configuration After changing the port to for instance eo 8080 address of the web interface 192 168 0 1 8080 System Configuration Web Configuration Server Port default 80 80 ComSERVER SMTP Configuration Configuration U ownload RTC Reboot Firmware Update System Configuration Web Configuration Server Port default 80 8080 il Note After clicking Apply perform a reboot Page 44 or restart the router interrupt the power supply 36 MC Technologies Router program MC TECHNOLOGIES Web server access The router web interface can be accessed via http or https secure and or http https m Important note This function is only supported by 4 port routers MC xx 4 or 2 port routers MC xx with firmware beginning with 2 xx x See System Hardware Release e g 2 04 2 System Configuration Web configuration Server Port default 80 Web server access HTTPS port default 443 Certificate validity 1825 days HTTPS certificate Renew certificate Web server access Web server access http http access only http https http and https access https https access only HT
33. e MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 21 MC TECHNOLOGIES 1 6 4 NAT table port forwarding Rules for NAT Network Address Translation The router has only one IP address via which it can be accessed externally Data packets can be redirected to internal IP address ports via additional transmitted port numbers Logout Siatus NAT table Local Network Sonera ee oe ap ge Winclase Network Forwarding Incoming Traffic Network Security Protocol In Port To IP To Port Masq Comment _ NAT table iA Apply 1 0 System NAT table Protocol TCP UDP ICMP In Port only with TCP and UDP You have the following options To Port 1 Direct port input Example In Port 20 To Port 30 2 Port range Example In Port 80 90 To Port 100 110 To IP 0 0 0 0 0 means all IP addresses To enter an address range use CIDR notation Masq For every individual rule you can determine if IP masquerading should be applied Yes IP masquerading is activated reply to cellular network is possible No Default reply to cellular network is not possible Comment Entering a comment Log Logging firewall rules Yes Event is logged No Event is not logged default New The New button allows a new rule to be added under the last rule The Delete button deletes the rule from the table il Note After clicking Apply perform a reboot see Page 44 or restart the router interrupt the power supply
34. ed type of compression determined by the server Allow Remote Float Activate this option to accept authenticated packets from each IP address during OpenVPN connection This option is recommended if IP addresses are used for dynamic communication Redirect Default The default gateway is directed via the tunnel Gateway Local Port Determines a fixed port for the OpenVPN client MC Technologies Router program MC TECHNOLOGIES OpenVPN Tunnel X 509 Certificate Authentication X 509 Certificate iJ Local Certificate Las2ni2 B TLS Authentication Key None B Check Remote Certificate Type Connection NAT None i Encryption AES 128 Bit S Authentication X 509 Certificate Authentication procedure for X 509 certificate Local Certificate Ascertains which certificate the router will use to identify itself to the VPN remote peer TLS Authentication Key Selection of a static key for an additional TLS Auth signature The same key must then be used on the other side The static key must have been generated and or uploaded in advance under VPN gt OpenVPN gt Static Key Check Remote Activate this option to check the OpenVPN connection certificates Certificate Type Connection NAT None No forwarding Local 1 1 NAT One to one forwarding to a local network NAT to local network Local Masquerding The packets going out through the tunnel are rewritten to the router source address so that equipment on the router can access the other
35. elease version Release version of router software Operating system Version of operating system Web based management Version of web interface MAC address LAN1 MAC address of Ethernet Connection 1 MAC address LAN2 MAC address of Ethernet Connection 2 Radio engine Type of cellular module used Radio firmware Firmware version of the cellular module IMEI The IMEI International Mobile Station Equipment Identity is a 15 digit serial number which can be used to accurately identify every cellular module User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 35 MC TECHNOLOGIES 1 9 2 Software This menu item lists all the software modules installed including their versions MC MRL O Logout Status Software Information amp Local Network Wireless Network SUE 0 30 1 Network Security busybox 1 18 5 1 7 ai conchkd 0 40 1 System dnsmasq 257 12 Hardware dropbear 0 53 1 1 6 Software A System Configuration expa ean TE ez ipupdate 3 0 11b8 1 0 gsmCtrid 3 7 10 ere iproute2 26 38 13 Up Download ipsec 2 6 11 2 0 Stra iptables 1 4 10 1 1 Firmware Update liboping 0 5 1 1 1 msmip 1 4 27 1 0 opennipd 3 10p2 1 1 openssl 1 0 01 openvpn 2272 11 portmap 6 0 1 2 pppd 245 16 watchdog 0 17 2 xmisrvd 0 3 1 1 9 3 System Configuration Web Configuration The router web interface can normally be reached via the browser without additionally indicating a port or by ad
36. er receiving an XML file with status request 48 MC Technologies Router program MC MC TECHNOLOGIES TECHNOLOGIES 2 3 1 Activating the GPS function Connect a passive or active GPS antenna to the GPS antenna terminal on the router Please ensure that the GPS an tenna has a clear view of the sky In the web interface under Wireless Network Radio Setup under GPS Configuration in the menu select the type of antenna and click Apply i Note If the setting GPS configuration is not visible the GPS function is not activated for your router If no antenna type is selected no GPS data can be displayed MC MRH i Logout ao am fe Local Network Radio Setup Wireless Network Frequency _Europe Asia 00 1800 MHz Radio Setup UMTS Freq _Europe Asia 2100 MHz B SIM Backup SIM SMS Configuration Backup SIM Disabled B Packet Data Setup Provider Timeout c min Static Routes DynDNS Backup Runtime 2 hrs Connection Check z pa h Senny Daily retogin Disabled Enabled 1 0 Time mai System GPS Configuration _ Active Antenna Apply 2 3 2 Displaying the GPS coordinates in the web interface Under Status Radio in the menu the data is displayed with the longitude and latitude values Provider Vodafone de Networkstatus registered home Signal Level N 63 dem Packet Data HSDPA UPA online Local Area Code O5E9 Cell ID 2620FCA Latitude 52 24 715457 N Longitude 9 43 953983 E 2 3 3 Receiving the GPS coord
37. figuration Dynamic IP address allocation Disabled Enabled A sel ore Begin IP Range 192 163 0 10 ANireless Network End IP Range Network Security VPN i i io Static IP address allocation System Client MAC address Client IP address DHCP Server DHCP Server Disabled Enabled Click Enabled if the router should allocate the IP addresses to the connected terminal equipment as the DHCP server at start up Domain Name Domain name to be broadcast via DHCP Lease Time d h m s Validity period of allocated network configuration Dyn IP address Disabled Enabled Click Enabled if an IP address should be dynamically allocated to the connected terminal equipment in a set range Begin IP Range Starting address for the address range from which IP addresses should be distributed End IP Range Ending address for the address range from which IP addresses should be distributed Static IP address Static allocation of the IP address using the MAC address allocation Client MAC address MAC address of the terminal equipment Client IP address IP address of the terminal equipment Static allocation of the IP addresses should not overlap with the dynamic IP addresses An identical IP address should not be used in multiple static allocations 10 MC Technologies Router program MC TECHNOLOGIES 1 4 3 Local Static Routes Data packets from the local network can be defined by static routes using other gateways for alternative
38. g and receiving I O status email SMS and router status using XML files via the router socket server see Section 2 2 1 Page 47 Logout Siatus Socket Configuration Local Network oe A TE Wireless Network Socket Server Disabled Enabled Network Security Server Port default 1432 as VPN XML Newline Char a 0 AML Bool Values Verbose Inputs Outputs Apply Phonebook Socket Server a 5 bem MC Technologies Router program MC TECHNOLOGIES 1 9 System This section provides information on the hardware software and status of the router 1 9 1 Hardware Status Hardware information Local Network MC Technologies GmbH Wireless Network an Network Saonity Address Kabelkamp 2 VPN D 30179 Hannover Oo Internet www me technologies net System Type MC MRL A apna Serial number MC00002045 System Configuration Hardware Rev B User Log File SMTP Configuration Operating system Linux 2 6 39 4 Configuration Web based management 1 42 3 Up Download l RTC MAC address LAN1 D4 00 57 00 CC 00 Reboot MAC address LAN D4 00 57 00 CC 01 Firmware Update Radio engine Radio firmware 11 235 07 00 00 IMEI E H Release version 1 024 Hardware Information Address Address of the manufacturer Internet Internet address of the manufacturer Type Article description of the router Serial number Serial number of the router Hardware Hardware version of router R
39. inates as an SMS As described under 1 5 4 SMS Configuration Controlling the Cellular Router by SMS a status notification can be re quested by SMS lt password gt SEND STATUS Whten the GPS function is activated the GPS coordinates are transmitted in the SMS reply in addition to the status noti fication 2 3 4 GPS coordinates as an XML file As described under 2 2 the status of the router can be requested by sending an XML file to the socket server When the GPS function is activated the GPS coordinates are transmitted in the status notification User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 49
40. j Network Cone SMS control Disabled Enabled VO Status SMS Password sesal Routing Table Local la S SMS forward Disabled O Enabled Wireless Network Server IP address 192 168 0 200 e Server Port default 1432 1432 _ Backup SIM SMS Configuration Packet Data Setup Static Routes DynDN S Connection Check Network Security VPN 1 0 System SMS Configuration SMS control Disabled Remote control of router by SMS not possible Enabled Remote control of router by SMS activated SMS Password SMS password for remote control SMS forward Disabled Forwarding of SMS message via Ethernet not possible Enabled Forwarding of SMS message via Ethernet activated Server IP address IP address to which the SMS message should be forwarded Server Port default 1432 Port to which the SMS message should be forwarded User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 15 MC TECHNOLOGIES 1 5 5 Packet Data Set up Activation and deactivation of the packet data connection via GPRS EDGE UMTS HSPA or LTE MC MRL i Logout Status Radio ae Packet data Disabled Enabled Network Connections ae SE igi VO Status Debug Mode Disabled Enabled Routing Table Allow Compression Disabled Enabled DHCP Leases Local Network MTU default 1500 1500 Wireless Network Event Initiate Radio Setup SIM Backup SIM Manual DNS Disabled Enabled SMS Configurati
41. l Network Wireless Network NE Gateway Racio Setup Ba SIM SMS Configuration Packet Data Setup Static Routes DynDNS Connection Check Network Security VPN 1 0 System Wireless Static Routes Wireless Static Routes Network Network in CIDR notation Gateway The gateway via which this network can be reached User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 17 MC TECHNOLOGIES 1 5 7 DynDNS The router IP address in the cellular network Internet is allocated dynamically by the mobile service operator A name can be allocated to the dynamic IP address using a DynDNS provider via which the router can then be reached over the Internet The DynDNS Client must be saved and activated in the router accordingly i Note For this to work the provider must have allocated a public IP address to the router not a private one This is not the case with all providers DynDNS cannot replace a static IP address and has limited reliability MC MRL Logout Status DynDNS Setup Local Network Status Disabled Enabled Wireless Network otek Sieh i Radio Setup SIM DynDNS Provider DynDNS org Backup SIM SMS Configuration DynDNS Usermame Packet Data Setu static Routes DynDNS Password DynDNS l A A Connection Check DynDNS Hostname a etwork Security Apply VPN B 0O System DynDNS Set up Status Disabled Deactivate D
42. o Port 80 90 all ports from 80 90 Action Accept Pass data packets Reject Data packets are rejected Drop Data packets may not pass the sender does not receive notification Log Logging firewall rules Yes Event is logged No Event is not logged default New A new firewall rule is added below the last rule Delete The rule is deleted Outgoing Traffic Lists the installed firewall regulations They apply for outgoing data connections that were internally initiated to communicate with a remote destination device Factory settings The factory settings include a rule allowing all outgoing connections m Note If no rule is set all outgoing connections are blocked except VPN Protocol TCP UDP ICMP all From IP 0 0 0 0 0 means all IP addresses To enter an address range use CIDR notation From Port Only evaluated for TCP and UDP logs You have the following options To Port 1 Direct port input Example From Port 20 To Port 30 2 Any Examples From Port or To Port Any Any means absolutely any port 3 Port range Example From Port or To Port 80 90 all ports from 80 90 Action Accept Pass data packets Reject Data packets are rejected Drop Data packets may not pass the sender does not receive notification Logging of firewall rules Yes Event is logged No Event is not logged default New A new firewall rule is added below the last rule Delete The rule is deleted User Manual Web Interfac
43. on DNS Server 00 00 Packet Data Setup M Static Routes Sec DNS Server 0 0 0 0 DynDNS TEEN Connection Check Network Security VPN 0 System Packet Data Set up Packet data Disabled Access to GPRS EDGE UMTS HSPA or LTE deactivated Enabled Allow access to GPRS EDGE UMTS HSPA or LTE Debug Mode Disabled Detailed information on packet data connection not saved in the log file Enabled Detailed information on packet data connection saved in the log file Allow Compression Disabled Data compression of the packet data connection is deactivated Enabled Data compression of the packet data connection is activated default MTU default 1500 Maximum packet size in bytes in the packet data network Event Definition of packet data connection start Initiate Automatic start Initiate on Input 1 Start controlled through IN signal in the I O interface Manual DNS Disabled Automatic DNS set up The DNS settings of the provider will be used Enabled Manual DNS set up DNS Server IP address of the primary DNS server in the mobile service network Sec DNS Server IP address of the alternate DNS server in the mobile service network 16 MC Technologies Router program MC TECHNOLOGIES 1 5 6 Wireless Static Routes Data packets from the local network can be defined using static routes for alternative routes in the mobile service network MC MRL Logout Status Wireless Static Routes Loca
44. on lost ON Off Output is not active 1 3 4 ComSERVER only for MC Router with RS232 or RS485 interface on X1 Status display of integrated ComSERVER MC MRH Status Radio ComSERVER Status Network Connections VO Status R ina T as DHCP Leases Link Enabled TCP Remote wating Local Network Wireless Network See also 1 9 6 ComSERVER 1 3 5 Routing Table Display of current routing table Network Connecti eT jee aes cannon Flags Metric Ref Use lface PS Ka SL LRT Ss VO Status 0 0 00 37 84 749 0 0 0 0 UG se Sais Routing Table 37 84 748 0 0 00 255 255 255 248 U eth in DHCP Leases 0 ee aa Nistwoik 1270 00 0000 255 000 UE Glee On Oa E o o 0 Wireless Network 192 168 196 0 0 0 00 2552552550 U Network Security VPN 1 0 System br 8 MC Technologies Router program MC TECHNOLOGIES 1 3 6 DHCP Leases Display allocation of MAC address to IP address of terminal equipment connected to the local Ethernet Connected terminal devices with a fixed IP address will not be shown PCP Leases Host Name Client MAG address Client IP Address me ad34352909f8 00 15 F2 82 C2 1B 192 168 225 1 4 Local Network 1 4 1 IP Configuration Setup of local IP address and subnet mask for router Set your parameters and click Apply Your parameters have been saved but not yet applied To apply the setup restart the router MC MRL Logout Status IP Configuration Radio N etwork
45. ot i Firmware NTP Server Local europe pool nip org Real Time Clock RTC New Time Manually set the time when no time server NTP server is available NTP Synchronisation Disabled No NTP synchronisation Enabled The router obtains date and time from a time server NTP Server Local Use a local NTP server NTP Network Time Protocol The router can be used as an NTP server for a terminal device connected to ETH1 or ETH2 The terminal device must then use the router address as an NTP server NTP synchronization must be set to Enabled Timezone Timezone selection Daylight saving time Disabled Without daylight saving time Enabled With daylight saving time Time Server for Local Network Time Server Enabled The router is operated as a time server in the local network Disabled The router is not a time server for the local network User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 43 MC TECHNOLOGIES 1 9 11 Reboot restarting the router Logout Status Reboot Local Network n Wireless Network diteboot NOWI Network Security Daily reboot Sun Mon Tue Wed Thu Fri VPN 0 at System Time 000 cots Event None Software System Configuration _Apply User Log File SMTP uration Configuration Up Download RTC Reboot Firmware Update Reboot Reboot NOW Router immediately shut down and then restarted Daily reboo
46. router web interface using the default IP address 192 168 0 1 for the Ethernet LAN connection All configuration settings will be deleted and reset to Factory Default Click Apply to save your configuration 38 MC Technologies Router program MC TECHNOLOGIES 1 9 4 User MC MRL Logout D Soi Local Network prre Wireless Network Network Security Old password seee VPN New password 1 0 System Retype new password Hardware Software user System Configuration Old password eevee A ile New password SMTP Configuration Configuration Retype new password Up Download Firmware Update User Set up admin Access to all areas password modification default admin user Only access password modification default public 1 9 5 Log File All router activities are indicated in a log file When the maximum storage capacity is reached the oldest entries are overwritten MC MRL Logout Status Local Network Wireless Network Network Security VPN 1 0 System Hardware Software System Configuration User Log File a SMTP Configuration Configuration Up Download RTC Reboot Firmware Update Log File Clear All entries are deleted View Log file display Save Storage of the log file as a text file on a user PC User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 39 MC TECHNOLOGIES
47. routes MC MRL Logout Status Local Static Routes amp Local Network IP Configuration DHCP Server amp lt reless Network etwork Security VPN 1 0 System Local Static Routes Network Network in CIDR notation IP address Net mask Example XXX XXX XXX XXX yy x IP address yy net mask Example yy 24 number of binary ones gt net mask 255 255 255 0 Gatewa The gateway how this network can be reached User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 11 MC TECHNOLOGIES 1 5 Wireless Network Set up for using the cellular network 1 5 1 Radio Set up Mc MRL Logout Status Radio Setup Local Network 3 RT SE OT E Asia 900 1800 MHz amp Wireless Network Treguency ii aaah Radio Setup UMTS Freq Europe Asia 2100 MHz JN SIM Backup SIM Disabled SMS Configuration ae rakes Packet Data Setup Provider Timeout 10 min Static Routes DynDNS Connection Check Network Security Daily relogin Disabled Enabled VPN fa fame 1 0 Time 000 System Apply Backup Runtime 23 hrs Radio Set up Frequency Set up of the frequency range of the cellular network in which the router should work UMTS Freq Set up of the UMTS frequency range of the cellular network in which the router should work UMTS off Deactivate UMTS and HSPA Backup SIM SIM2 _ Disabled The back up SIM SIM2 is inactive Enabled Back up
48. rver System Inputs High When activated an SMS or email will be sent when there is a High level at the switch input Select the type of message and click Apply Then click Edit For SMS select the corresponding phonebook entry and enter your message under Message Text For an email alert fill out the email form Low When activated an SMS or email will be sent when there is a Low level at the switch input Select the type of message and click Apply Then click Edit For SMS select the corresponding phonebook entry and enter your message under Message Text For an email alert fill out the email form i Note To send an email the email account under the section 1 9 8 see Page 40 41 SMTP Configuration must be set up 1 8 2 Outputs The router switch output can be controlled remotely or switched using a router connection status Logout Status Outputs Local Network Wireless Network Network Security on l Autoreset 10 min VPN 1 0 Apply Inputs Outputs M Phonebook Socket Server System 1 Off Packet Service v User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 33 MC TECHNOLOGIES 34 Outputs Functions Manual Switch the output by clicking ON or OFF in the web interface Remote Controlled Switch the switch output remotely by SMS see Page 13 or by Control command to the socket server see page 14 Radio Network The switch output is ac
49. s lt xml version 1 0 gt lt io gt lt output no 1 value 1 gt lt input no 1 gt lt io gt Example Sending an email lt xml version 1 0 gt lt email to namel domain de cc name2 domain de gt lt subject gt Test Mail lt subject gt lt body gt Dies ist ein E Mail Text lt body gt lt email gt Example Sending an SMS lt xml version 1 0 gt lt cmgs destaddr 49173 111223344 gt Dies ist der SMS Text lt cmgs gt Example Querying router status lt xml version 1 0 gt lt info gt lt device gt lt radio gt lt ipsec gt lt openvpn gt lt info gt Example Activate the packet data connection ab xmlisrvd 0 4 3 lt xml version 1 0 gt lt io gt lt gprs value 1 gt lt io gt Example De activate the packet data connection ab xmlsrvd 0 4 3 lt xml version 1 0 gt lt io gt lt gprs value 0 gt lt io gt Example Activate the IPsec connection n Replace n with the IPsec tunnel number lt xml version 1 0 gt lt io gt lt ipsec no n value 1 gt lt io gt Example De activate the IPsec connection n Replace n with the IPsec tunnel number lt xml version 1 0 gt lt io gt lt ipsec no n value 0 gt lt io gt User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 47 MC MC TECHNOLOGIES TECHNOLOGIES 2 2 2 Functions test using Windows HyperTerminal
50. s activated Host 1 3 IP address or host name of the reference point for the connection check Local option when dealing with an address which can be reached via a VPN tunnel Check every Check interval in minutes Max retry Number of repetitions until the configured action Activity is performed Activity Reboot Restart the router Reconnect Re establish packet data connection Relogin Restart the cellular interface by redialing the mobile service network None None 1 6 Network Security 1 6 1 General Set up Firmware 1 xx x These settings apply for routers with 1 xx x firmware see Release Version under System Hardware i Important note Routers with Release 1 xx x firmware cannot be updated to Version 2 xx x Please contact the manufacturer MC MRL Logout p ence Wireless Network Firewall Disabled Enabled Network Security Port forwarding via NAT table Disabled Enabled A i Ai Block outgoing Netbios Disabled Enabled NAT table Ping ICMP external ODisabled Enabled 1 0 Web based Management external Disabled Enabled System NAT Masquerade external _ Disabled Enabled Device access via SSH Disabled Enabled External access via SSH Disabled Enabled VPN User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 19 MC TECHNOLOGIES General Set up Firewall Disabled The integrated firewall is deactivated no filtering of data packets Enabled
51. seconds Restart Time period in seconds after which the connection to the remote peer should be restarted if there is no reply to the Keep Alive requests Default setting 120 seconds 30 MC Technologies Router program MC TECHNOLOGIES 1 7 2 2 Port Forwording Rules for Port Forwarding The router has only one IP address via which it can be accessed externally Data packets can be redirected to internal IP address ports via additional transmitted port numbers 4 Logout Status Port Forwarding Local Network tocol Wireless Network Etg infor Network Security TCP 1 VPN Psec OpenVPN Connections Port Forwarding A etitcates Certiicates e iO System Protocol TCP UDP ICMP In Port To Port TCP and UDP only You have the following options To Port 1 direct port input Example In Port 20 To Port 30 2 Port range Example In Port 80 90 To Port 100 110 To IP Input of a target IP address 0 0 0 0 0 means all IP addresses Masq For every individual rule you can determine if IP masquerading should be applied Yes IP masquerading is activated reply to VPN tunnel is possible No Default reply to VPN tunnel is not possible Comment Input comment 1 7 2 3 Certificates Certificate for authentication of the router to the remote peer O Logout Status OpenVPN Certificates Wireless Netw Load Own PKCS 12 Certificate p12 urity Upload Keine Datei ausgew
52. t Set the day of the week for a reboot Time Enter time of reboot in the format Hour Minute Event Input1 A restart can be triggered via a HIGH signal to the switching input I O IN Please ensure that the switching input is ultimately set back to LOW to prevent another restart None No event for a reboot 1 9 12 Firmware Update MC MRL Logout Status amp Local Network Durchsuchen 5 E Wireless Network Upload Durchsuchen_ Keine Datei ausgewahlt Network Security VPN a A Update Web Based Management Hardware Upload Keine Datei ausgewahlt Software System Configuration User Log File SMTP Configuration Configuration Up Download RTC Reboot A Firmware Firmware Update Modem Upload Upload the latest firmware to the router Update Web Based Upload Upload the latest web interface to the router Management Not required as standard because the web interface is included in the firmware and will also be revised when an update is issued 44 MC Technologies Router program MC TECHNOLOGIES 2 2 Additional functions 2 1 Router configuration using SSH and XML file The router can be configured using the SSH protocol via the local Ethernet interface or in remote operation SSH or Secure Shell refers to both a network protocol and a corresponding programme which allows an encrypted net work connection to be generated using a remote device In Linux use console input In Windo
53. t least 5 seconds using a pointed object The router web interface can be readdressed using the default IP address 192 168 0 1 for the Ethernet LAN connection Fa Important note All configuration settings will be deleted and reset to the Factory Defaults setting 1 2 3 Resetting all parameters on the web interface Resetting of all router settings to the factory default mode can be carried out via the internal web interface Please click on the Apply button for the Reset to Factory Defaults function in the System Configuration Up Download sub menu User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 5 MC TECHNOLOGIES 1 3 Status Display basic status information 1 3 1 Radio Display mobile connection MC MRL ti Logout Status Radio Status Radio 3 i d Telekom de Telekom A k onea Provider elekom de Telekom de VO Status Networkstatus registered home Routing Table Signal level LE 63 dBm DHCP Leases Local Network Packet data LTE online Wireless Network SIM 1 IMSI 262014440079038 Network Security Local area code FFFE VPN I O Cell ID 1A51D01 System Radio Status Provider Name of mobile service provider Networkstatus Status in cellular network Registered home Registered in the cellular network Roaming Registered in a third party cellular network Waiting for PIN Waiting for PIN to be entered Waiting for PUK Locked SIM card must be unlocked
54. ted Active VPN connection via the cellular network Not connected No packet data connection in the cellular network IP Address Allocated IP address from the cellular network Netmask Allocated net mask from the cellular network DNS Server IP address of the DNS server Sec DNS Server IP address of the alternate DNS server Expires Only MC MRL LTE remainder duration until prompt for a new IP address RX bytes Sum of received data since last login to cellular network TX bytes Sum of sent data since last login to cellular network Local Network Link Connected The local Ethernet is active Not connected The local Ethernet is not active IP Address Router IP address in the local network Netmask Router net mask in the local network User Manual Web Interface MC MRL MC MRL 4 MC MRH MC MRH 4 MC MRE MC MRE 4 05 2015 7 MC TECHNOLOGIES 1 3 3 I O Status Status information of I O interfaces IN and OUT MC MRL Logout Status Radio Network Connections loput VO Status 1 Low None Routing Table DHCP Leases Local Network Wireless Network Network Security VPN 0 System Input Signal Event 1 Low The signal is low None No event has been triggered High The signal is high SMS An SMS is being sent E Mail An email is being sent Output Signal Event 1 ON Output active Based on Manual ON Remote Controlled ON Radio Net work ON Packet Service ON VPN Service ON Incoming Call ON or Connecti
55. tive when the router is registered in a mobile service network Paket Service The switch output is active when the router has established a packet data connection and received a valid IP address from the provider VPN Service The switch output is active when the router has established a VPN connection Incoming Call The switch output is active when the router is called from a call number entered in the phonebook Caller ID Connection Lost The switch output is active when the router connection check does not reach the configured address Timer Reserved for timer functions Autoreset Autoreset resets the switch output after the preset period of time 1 8 3 Phonebook List of the call numbers for receivers of the SMS messages as well as for authentication Caller Id for authorization to switch the switch outputs Mc MRL Logout Status SMS Phonebook Local Network Wireless Network 1 49170125867 11 Network Security He 12 VPN fy 14 5 15 Hii 16 7 ao 9 10 1 8 4 Socket Server The router includes an integrated socket server and can be made to perform the following actions by receiving XML files 1 Set and query I O signals 2 Send messages such as email and SMS 3 Query the router status To use these functions the socket server must be set to Enabled in the socket configuration The socket server port can be configured as desired the default setting is Port 1432 For examples of sendin
56. vated Communication from a private local network to the Internet is allowed default Device access via SSH Disabled Local configuration via the web interface and https is not possible default Enabled Local configuration via the web interface and https is possible External access via SSH Disabled External configuration via the web interface and https is not possible default Enabled Configuration via the web interface and https is possible 20 MC Technologies Router program MC TECHNOLOGIES 1 6 3 Firewall The MCT router includes a Stateful Packet Inspection Firewall The firewall can be turned on or off see Network Security Setup menu point Firewall The firewall is active by default and blocks incoming data traffic Outgoing data traffic is still possible i The firewall rules are applied from up to down Logout Status Local Network Wireless Network Network Security Protocol From IP From Port TOP 0 00 00 0 Incoming Traffic Outgoing Traffic Protocol From IP System TOP 0000n Firewall Incoming Traffic Protocol TCP UDP ICMP all From IP 0 0 0 0 0 means all IP addresses To enter an address range use CIDR notation To IP From Port only with TCP and UDP You have the following options To Port L Direct port input Example From Port 20 To Port 30 2 Any Examples From Port or To Port Any Any means absolutely any port 3 Port range Example From Port or T
57. ws we recommend using the programs plink exe and pscp exe which can be downloaded at putty org The examples below are based on the router default settings Username admin Password admin Router IP Address 192 168 0 1 2 1 1 Download configuration via SSH You can download the router configuration as an XML file or as a TGZ file For Linux ssh admin 192 168 0 1 su c usr sbin export_cfg gt config xml oder ssh admin 192 168 0 1 su c usr sbin export_cfg tgz gt config tgz For Windows with PLINK EXE plink 2 pw admin admin 192 168 0 1 su c usr sbin export_cfg gt config xml oder plink 2 pw admin admin 192 168 0 1 su c usr sbin export_cfg tgz gt config tgz 2 1 2 Upload configuration via SSH For Linux a a Without router reboot cat config xml ssh admin 192 168 0 1 su c usr sbin store_cfg b b With subsequent router reboot cat config xml ssh admin 192 168 0 1 su c usr sbin store_cfg sbin reboot my ml The password is requested interactively by SSH An automatic batch operation is not possible You can however use the sshpass programme to run a script file comprising the password The script file for example cfgupl sh must contain the following bin bash cat config xml ssh admin 192 168 0 1 su c usr sbin store_cfg sbin reboot The Linux command is as follows sshpass padmin cfgupl sh For Windows with PSCP EXE and PLINK EXE a Without router re
58. ynDNS client Enabled Activate DynDNS client DynDNS Provider Select the name of the provider with whom you are registered i e DynDNS org TZO com dhs org selfHost de custom DynDNS Use the custom DynDNS setting to select your preferred DynDNS provider Please also enter the provider s server address under DynDNS Server DynDNS Username Enter the username for your DynDNS account here DynDNS Password Enter the password for your DynDNS account here DynDNS Hostname The host name selected for this router for DynDNS service Your router can then be reached under this host name 1 5 8 Connection Check For continuous connection monitoring use Connection Check to check for a packet data connection in the mobile service network If the connection is lost an action can be configured for establishing a new connection i Note Please note that frequent connection checks can lead to increased data traffic and corresponding costs 18 MC Technologies Router program MC TECHNOLOGIES 5 Logout Status Connection Check Local Network Status Disabled Enabled Wireless Network Radio Setup SIM Host 1 E Local Backup SIM SMS Configuration Boo Noes Packet Data Setup Host 3 C Local Static Routes DynDNS Connection Check Check every m Favor Security Max retry i N 1 0 Activity System Connection Check Status Disabled Connection check is deactivated default Enabled Connection check i

MC-MRL/MC-MRL-4 MC-MRH/MC-MRH-4 MC-MRE/MC-MRE-4

Contents

Download Pdf Manuals

Related Search

Related Contents