User Guide NTC-140-01 – 4G M2M Router
Important Notice This device, like any wireless device, operates using radio signals which cannot guarantee the transmission and reception of data in all conditions. While the delay or loss of signal is rare, you should not rely solely on any wireless device for emergency communications or otherwise use the device in situations where the interruption of data connectivity could lead to death, personal injury, property damage, data loss, or other loss.
Copyright Copyright© 2017 NetComm Wireless Limited. All rights reserved. The information contained herein is proprietary to NetComm Wireless. No part of this document may be translated, transcribed, reproduced, in any form, or by any means without prior written consent of NetComm Wireless. Note: This document is subject to change without notice.
Table of contents Overview ........................................................................................................................................................................................ 6 Introduction ................................................................................................................................................................................................... 6 Target audience........................................................................
Appendix H: Obtaining a list of RDB variables ......................................................................................................................... 147 Appendix I: Using USB devices and MicroSD™ cards ............................................................................................................ 148 Accessing USB/SD card storage devices ............................................................................................................................................
Overview Introduction This document provides you all the information you need to set up, configure and use the NetComm Wireless NTC-140-01 router. Target audience This document is intended for system integrators or experienced hardware installers who understand telecommunications terminology and concepts.
Product introduction Product overview Powerful and flexible industrial cellular router platform supporting LTE with fallback to 3G/UMTS and GSM/GPRS/EDGE (Fallback only applies to certain models) Ideal for providing primary and backup wireless connectivity over LTE networks Industrial Features – rugged enclosure, wide operating temperature range, wall mount option and a flexible range of power options Embedded Linux operating system allowing for the installation of custom applications.
Physical dimensions and indicators Physical dimensions Below is a list of the physical dimensions of the NTC-140-01 router. Figure 1 – NTC-140-01 router Dimensions NTC-140-01 ROUTER (WITHOUT EXTERNAL ANTENNAS ATTACHED) Length 143 mm Depth 107 mm Height 34 mm Weight ~235g Table 2 - Device Dimensions NetComm Wireless 4G M2M Router 8 www.netcommwireless.com v1.
LED indicators The NTC-140-01 router uses 8 LEDs to display the current system and connection status.
Signal strength LEDs The following tables list the signal strength range corresponding with the number of lit signal strength LEDs.
Ethernet port LED indicators Each of the Ethernet ports of the NTC-140-01 router have two LED indicators on them. Figure 3 - Ethernet port LED indicators The table below describes the statuses of each light and their meanings. LED Green STATUS DESCRIPTION On There is a valid network link. Blinking There is activity on the network link. Off No valid network link detected. On The Ethernet port is operating at a speed of 1000Mbps.
Interfaces 1 2 3 4 6 5 7 8 10 9 Figure 4 - Interfaces NO. ITEM DESCRIPTION 1 Cellular Main antenna connector SMA connector for main cellular antenna. 2 Cellular AUX antenna connector SMA connector for auxiliary cellular antenna. 3 microSD™ card slot Insert a microSD™ card here to provide additional storage (Optional). 4 SIM card slot Insert SIM card here. 5 SIM tray eject button Press to eject the SIM tray 6 Micro USB 2.
Placement of the router The four external high-performance antennas supplied with the router are designed to provide optimum signal strength in a wide range of environments. If you find the signal strength is weak, try adjusting the orientation of the antennas. If you are unable to get an acceptable signal, try moving the router to a different place or mounting it differently.
Wall mounted via DIN rail bracket Figure 7 - Wall mounted via DIN rail bracket DIN rail mount Figure 8 – DIN rail mount NetComm Wireless 4G M2M Router 14 www.netcommwireless.com v1.
Pole mount using DIN rail bracket Figure 9 - Pole mount using DIN rail bracket Desk mount Figure 10 – Desk mount www.netcommwireless.com v1.
Via vertical DIN rail mounting bracket and metal bracket Put four screws through the vertical DIN rail mounting bracket and line them up with the four holes on the metal bracket. Tighten them to affix the vertical DIN rail bracket to the metal bracket. The NTC-140-01 router may then be snapped into the vertical DIN rail bracket.
Attach the vertical DIN rail mounting bracket to the NTC-140-01 by snapping it on to the back of the router, then slide the NTC140-01 router on to the horizontal mounting bracket. The NTC-140-01 router is successfully mounted in a horizontal orientation. www.netcommwireless.com v1.
Installation and configuration of the NTC-140-01 router Powering the router The NTC-140-01 router may be powered using the included power supply cable with 8-40V to the Molex connector. A suitable power supply (PSU-0067) is available as an accessory. The output of the DC power supply shall comply with the Limited Power Source requirements (LPS) of the IEC 60950-1 safety standard. Figure 11 - Molex connector TERMINAL DESCRIPTION − Ground wire. + Positive wire for power.
Advanced configuration The NTC-140-01 router comes with pre-configured settings that should suit most customers. For advanced configuration, log in to the web-based user interface of the router. To log in to the web-based user interface: 1. Open a web browser (e.g. Internet Explorer, Firefox, Google Chrome), type http://192.168.0.1 into the address bar and press Enter. The web-based user interface log in screen is displayed. Figure 12 – Log in prompt for the web-based user interface 2.
Status The status page of the web interface provides system related information and is displayed when you log in to the NTC-140-01 router management console. The status page shows System information, LAN details, Cellular connection status, Packet data connection status, Wireless LAN status and Advanced status details. You can toggle the sections from view by clicking the or buttons to show or hide them. Extra status boxes will appear as additional software features are enabled (e.g. VPN connectivity).
ITEM DEFINITION System information System up time The current uptime of the router. Board version The hardware version of the router. Serial Number The serial number of the router. Firmware version The firmware version of the router Model The type of phone module and the firmware version of the module. Module firmware The firmware revision of the phone module. IMEI The International Mobile Station Equipment Identity number used to uniquely identify a mobile device.
Tracking Area Code (TAC) Identifies a tracking area within a particular network. IMSI The International mobile subscriber identity is a unique identifier of the user of a cellular network. Cell ID A unique code that identifies the base station from within the location area of the current mobile network signal. Channel number (UARFCN) The channel number of the current cellular connection. CID Cellular configuration ID Module PRIID Revision Module version used for customization.
Networking The Networking section provides configuration options for Wireless WAN, LAN, Routing and VPN connectivity. Wireless WAN Data connection The data connection page allows you to configure and enable/disable the connection profile. To access this page, click on the Networking menu, and under the Wireless WAN menu, select the Data connection item. Figure 14 – Data connection settings www.netcommwireless.com v1.
ITEM DEFINITION Profile name Default Sets the corresponding profile to be the default gateway for all outbound traffic except traffic for which there are configured static route rules or profile routing settings. Status Toggles the corresponding profile on and off. Only one profile may be turned on at any time. APN The APN configured for the corresponding profile. Username The username used to log on to the corresponding APN.
2. Click the Profile toggle key to turn the profile on. Additional settings appear. Figure 16 - Data connection settings - Profile turned on 3. In the Profile name field, enter a name for the profile. This name is only used to identify the profile on the router. 4. Ensure that the Automatic APN selection toggle key is set to off. If it is not, click it to toggle it to the off position. 5.
Confirming a successful connection After configuring the packet data session, and ensuring that it is enabled, click on the Status menu item at the top of the page to return to the Status page. When there is a mobile broadband connection, the WWAN section is expanded showing the details of the connection and the Status field displays Connected. To see details on the connected session, you can click the Show data usage button.
Connect on demand The Connect on demand feature keeps the Packet Data Protocol (PDP) context deactivated by default while making it appear to locally connected devices that the router has a permanent connection to the mobile broadband network. When a packet of interest arrives or an SMS wake-up command is received, the router attempts to establish a mobile broadband data connection. When the data connection is established, the router monitors traffic and terminates the link when it is idle.
Setting the router to dial a connection when traffic is detected on specific ports In some situations, you may wish to have the internet connection disabled except at times when outbound traffic to a particular external host’s port or group of ports is sent to the router. To use this feature, click Enable dial port filter and enter the port number or list of port numbers separated by commas.
Setting timers for connection and disconnection The router has a number of timer settings which let you determine when a connection is dialled and when it is disconnected. Figure 23 – Connect on demand - Connect and disconnect timers OPTION DESCRIPTION On data activity, stay online for at least When traffic as per the configured settings above appear, the router will either continue to stay online, or dial a connection and will not disconnect it for the specified time period (min. 1 minute, max.
Manually connecting/disconnecting There may be times when you need to either force a connection to be made or force a disconnection manually. You can use the Manual connect and Manual disconnect buttons to do this whenever necessary. The online status of the connection is displayed above the buttons. Figure 25 - Connect on demand - Online/Offline control When you have finished configuring the options for the Connect on demand feature, click the Save button at the bottom to save your changes.
Operator settings The Operator settings page enables you to select which frequency band you will use for your connection and enables you to scan for available network operators in your area. Figure 27 - Band settings Note: In order to change the operator’s band settings, the data connection must be disabled. When you access this page, you are prompted to disable the data connection if it is already active.
A list of the detected cellular service carriers in your area is displayed. Figure 29 - Detected operator list Note: Certain module firmware versions may not allow forbidden operators to be selected. Select the most appropriate service from the list shown and click Apply. When Select operator mode is set to Automatic, the router selects the most appropriate operator based on the inserted SIM card. This is the default option and is sufficient for most users.
If you are not redirected to the PIN settings page, to unlock the SIM: a) Click on the Networking menu from the top menu bar, and then click SIM security settings. b) Enter the PIN in the Current PIN field and then enter it again in the Confirm current PIN field to confirm the PIN. c) If you are placing the router in a remote, unattended location, you may wish to check the Remember PIN option.
Enabling/Disabling SIM PIN protection The security PIN protection can be turned on or off using the PIN protection toggle key. Figure 32 - PIN Settings Changing the SIM PIN code If you would like to change the PIN, click the Change PIN button and enter the current PIN into the Current PIN and Confirm current PIN fields, then enter the desired PIN into the New PIN and Confirm new PIN fields and click the Save button.
Figure 34 - SIM security settings – PIN unlock successful Unlocking a PUK locked SIM After three incorrect attempts at entering the PIN, the SIM card becomes PUK (Personal Unblocking Key) locked and you are requested to enter a PUK code to unlock it. Note: To obtain the PUK unlock code, you must contact your service provider. You will be issued a PUK to enable you to unlock the SIM and enter a new PIN. Enter the new PIN and PUK codes.
LAN LAN configuration The LAN configuration page is used to configure the LAN settings of the router and to enable or disable DNS Masquerading. To access the LAN configuration page, click on the Networking menu at the top of the screen, then click on the LAN menu on the left. Figure 36 – LAN configuration settings The default IP of the LAN port is 192.168.0.1 with subnet mask 255.255.255.0. To change the IP address or Subnet mask, enter the new IP Address and/or Subnet mask and click the Save button.
DHCP The DHCP page is used to adjust the settings used by the router’s built in DHCP Server which assigns IP addresses to locally connected devices. To access the LAN configuration page, click on the Networking menu at the top of the screen, click on the LAN menu on the left then select the DHCP menu item.
OPTION DESCRIPTION DHCP start range Sets the first IP address of the DHCP range DHCP end range Sets the last IP address of the DHCP range DHCP lease time (seconds) The length of time in seconds that DHCP allocated IP addresses are valid Default domain name suffix Specifies the default domain name suffix for the DHCP clients. A domain name suffix enables users to access a local server, for example, server1, without typing the full domain name server1.domain.
Dynamic DHCP client list The Dynamic DHCP client list displays a list of the DHCP clients. If you want to reserve the current IP address for future use, click the Clone button and the details will be copied to the address reservation list fields. Remember to click the Save button under the Address reservation list section to confirm the configuration. Figure 40 - Dynamic DHCP client list www.netcommwireless.com v1.
Ethernet LAN/WAN The Ethernet LAN/WAN pages provide configuration options for the two built-in Ethernet ports and any USB-to-Ethernet ports you may connect. Ethernet group The Ethernet group page displays the Ethernet interfaces and allows you to configure whether they operate in LAN or WAN mode. To access the Ethernet group page, click on the Networking menu at the top of the screen, click on the Ethernet LAN/WAN menu on the left then select the Ethernet group menu item.
Ethernet WAN The Ethernet WAN page allows you to configure the connection type and metric of the available WAN connections. To access the Ethernet WAN page, click on the Networking menu at the top of the screen, click on the Ethernet LAN/WAN menu on the left then select the Ethernet WAN menu item. Figure 42 - Ethernet WAN configuration OPTION DEFINITION WAN Ethernet Use this field to select the WAN interface to configure.
PPPoE If desired, you can have a client device connected to the Ethernet port initiate the mobile broadband connection using a PPPoE session. This is particularly useful in situations where you wish to provide Wireless WAN data access to an existing router which you want to have full public WAN IP access and have control over routing functionality. The PPPoE connection is established over the highest priority interface. To configure PPPoE: 1.
WAN failover The WAN failover page displays a summary of the configured WAN interfaces and their priorities (Metric). Lower metric values determine higher priority. The priority of the interfaces can be adjusted using the up and down arrows in the Priority column. When the interface with the highest priority goes down, the router fails over to the next highest priority interface. The method used to determine whether an interface is “up” or “down” is defined by the Monitor setting.
Figure 47 - Failover configuration - ping OPTION DESCRIPTION Priority The priority (metric) is a numeric value which determines which interface has priority. Lower priority values mean higher priority. Monitoring method Specifies the means used to determine whether the link is up or down. Verbose logging When enabled, this logs verbose comments in the system log related to the failover monitoring.
Routing Static Static routing is the alternative to dynamic routing used in more complex network scenarios and is used to facilitate communication between devices on different networks. Static routing involves configuring the routers in your network with all the information necessary to allow the packets to be forwarded to the correct destination. If you change the IP address of one of the devices in the static route, the route will be broken.
Figure 49 - Adding a static route Active routing list Static routes are displayed in the Active routing list. Figure 50 - Active routing list Deleting static routes From the static routing list, click the icon to the right of the entry you wish to delete. Figure 51 - Deleting a static route NetComm Wireless 4G M2M Router 46 www.netcommwireless.com v1.
RIP RIP (Routing Information Protocol) is used for advertising routes to other routers. Thus all the routes in the router’s routing table will be advertised to other nearby routers. For example, the route for the router’s Ethernet subnet could be advertised to a router on the PPP interface side so that a router on this network will know how to route to a device on the router’s Ethernet subnet. Static routes must be added manually according to your requirements. See Adding Static Routes.
Redundancy (VRRP) configuration Virtual Router Redundancy Protocol (VRRP) is a non-proprietary redundancy protocol designed to increase the availability of the default gateway servicing hosts on the same subnet. This increased reliability is achieved by advertising a “virtual router” (an abstract representation of master and backup routers acting as a group) as a default gateway to the host(s) instead of one physical router.
Port forwarding The Port forwarding list is used to configure the Network Address Translation (NAT) rules currently in effect on the router. To access the Port forwarding page, click on the Networking menu at the top of the screen, click on the Routing failover menu on the left, then click on the Port forwarding menu item.
DMZ The Demilitarized Zone (DMZ) allows you to configure all incoming traffic on all protocols to be forwarded to a selected device behind the router. This feature can be used to avoid complex port forwarding rules, but it exposes the device to untrusted networks as there is no filtering of what traffic is allowed and what is denied. The DMZ configuration page is used to specify the IP Address of the device to use as the DMZ host.
Router firewall The Router firewall page is used to enable or disable the in-built firewall on the router. When enabled, the firewall performs stateful packet inspection on inbound traffic from the wireless WAN and blocks all unknown services, that is, all services not listed on the Services configuration page of the router. With respect to the other Routing options on the Networking page, the firewall takes a low priority.
MAC / IP / Port filtering The MAC/IP/Port filter feature allows you apply a policy to the traffic that passes through the router, both inbound and outbound, so that network access can be controlled. When the filter is enabled with a default rule of “Accepted”, all connections will be allowed except those listed in the “Current MAC / IP / Port filtering rules in effect” list. Conversely, when the default rule is set to “Dropped”, all connections are denied except for those listed in the filtering rules list.
5. Enter the details of the rule in the section that is displayed and click the Save button. Figure 60 - MAC / IP / Port filtering settings OPTION DESCRIPTION Bound Use the drop down list to select the direction of the traffic for which you want to apply to the rule. Inbound refers to all traffic that is entering the router including data entering from the WAN and the LAN.
VPN A Virtual Private Network (VPN) is a tunnel providing a private link between two networks or devices over a public network. Data to be sent via a VPN needs to be encapsulated and as such is generally not visible to the public network. The advantages of a VPN connection include: Data Protection Access Control Data Origin Authentication Data Integrity Each VPN connection has different configuration requirements.
Figure 63 – IPSec profile edit www.netcommwireless.com v1.
The following table describes each of the fields of the IPSec VPN Connection Settings page. ITEM DEFINITION IPSec Profile Edit IPSec profile Enables or disables the VPN profile. Profile name A name used to identify the VPN connection profile. Phase 1 parameters Remote IPSec address The IP address or domain name of the IPSec server. Select the type of key mode in use for the VPN connection.
OpenVPN OpenVPN is an open source virtual private network (VPN) program for creating point-to-point or server-to-multi-client encrypted tunnels between host computers. It can traverse network address translation (NAT) and firewalls and allows authentication by certificate, pre-shared key or username and password. OpenVPN works well through proxy servers and can run over TCP and UDP transports.
6. The Server certificates section displays the details of the certificate. If you wish to change the certificate, click the Change button. 7. HMAC or Hash-based Message Authentication Code is a means of calculating a message authentication code through the use of a cryptographic hash function and a cryptographic key.
Figure 66 – OpenVPN server profile settings www.netcommwireless.com v1.
Username / Password Authentication In the Username/Password section, enter the username and password you would like to use for authentication on the OpenVPN Server. Click the Download CA certificate or Download CA TGZ depending on file format button to save the ca.crt file. This file will need to be provided to the client.
Certificate Authentication In the Certificate upload section at the bottom of the screen, click the Browse button and locate the certificate file you downloaded when you configured the OpenVPN server. When it has been selected, click the Upload button to send it to the router. Figure 68 - OpenVPN client - Certificate upload Username / Password Authentication Enter the username and password to authenticate with the OpenVPN server.
Figure 70 - OpenVPN P2P mode settings 4. Use the Server port field to select a port number and then use the drop down list to select a packet type to use for the OpenVPN server. The default OpenVPN port is 1194 and default packet type is UDP. 5. In the Local IP Address and Remote IP Address fields, enter the respective local and remote IP addresses to use for the OpenVPN tunnel. The slave should have the reverse settings of the master. 6.
PPTP client The Point-to-Point Tunnelling Protocol (PPTP) is a method for implementing virtual private networks using a TCP and GRE tunnel to encapsulate PPP packets. PPTP operates on Layer 2 of the OSI model and is included on Windows computers. Configuring the PPTP client To configure the PPTP client: 1. From the menu bar at the top of the screen, click Networking and then from the VPN section on the left side of the screen, click PPTP client. The PPTP client list is displayed.
3. Click the Enable PPTP client toggle key to switch it to the ON position. 4. In the Profile name list, enter a profile name for the tunnel. This may be anything you like and is used to identify the tunnel on the router. 5. Use the Username and Password fields to enter the username and password for the PPTP account. 6. In the PPTP server address field, enter the IP address /host domain name of the PPTP server. 7.
GRE tunnelling The Generic Route Encapsulation (GRE) protocol is used in addition to Point-to-Point Tunnelling Protocol (PPTP) to create VPNs (virtual private networks) between clients and servers or between clients only. Once a PPTP control session establishes the VPN tunnel GRE is used to securely encapsulate the data or payload. Configuring GRE tunnelling To configure GRE tunnelling: 1.
3. Click the Enable GRE Tunnel toggle key to switch it to the ON position. 4. In the Profile name, enter a profile name for the tunnel. This may be anything you like and is used to identify the tunnel on the router. 5. In the GRE server address field, enter the IP address or domain name of the GRE server. 6. In the Local tunnel address field, enter the IP address you want to assign the tunnel locally. 7.
Services Dynamic DNS The DDNS page is used to configure the Dynamic DNS feature of the router. A number of Dynamic DNS hosts are available from which to select. To access the Dynamic DNS page, click on the Services menu at the top of the screen then click on the Dynamic DNS menu item on the left. Figure 75 – Dynamic DNS settings Dynamic DNS provides a method for the router to update an external name server with the current WAN IP address. To configure dynamic DNS: 1.
Network time (NTP) The NTP (Network Time Protocol) settings page allows you to configure the NTC-140-01 router to synchronize its internal clock with a global Internet Time server and specify the time zone for the location of the router. This provides an accurate timekeeping function for features such as System Log entries and Firewall settings where the current system time is displayed and recorded. Any NTP server available publicly on the internet may be used. The default NTP server is 0.netcomm.pool.ntp.
Data stream manager The data stream manager provides you with the ability to create mappings between two endpoints on the router. These endpoints may be physical or virtual, for example, a serial port connected to the router’s USB port could be configured as an endpoint or you could configure a TCP Server as an endpoint. You can then configure a virtual data tunnel or “stream” between the endpoints.
Serial port (generic) This creates a generic serial port as an endpoint defaulting to the commonly used settings as shown below. Figure 78 - Serial port (generic) endpoint configuration (Custom) When the Host port is set to Custom, you can use the Custom host port name field to manually specify a device path to use, for example, if using a USB-to-Serial adapter you could telnet to the router and issue the command ls /dev/ttyUSB* to list the paths of the connected USB devices.
TCP client This creates a TCP client endpoint with the following options available. The retry timeout period specifies the number of seconds to wait between attempts to re-establish a connection in the event that it is lost. The client will attempt re-connection indefinitely every Retry timeout interval. Figure 80 - TCP client endpoint configuration UDP server This creates a UDP server endpoint with the following options available.
User defined executable Allows you to specify an executable and parameters to be used as an endpoint. For example, the following executable reads the phone module temperature every second. while true; do rdb_get wwan.0.radio.temperature; sleep 1; done The temperature can then be sent to another endpoint. Figure 83 – User defined executable endpoint configuration ITEM Host port Baud rate DESCRIPTION Use the drop down list to select the serial port to use.
Quiet mode When on, there is no output from the modem on the serial side, i.e. you do not see OK, Connect etc. Recommended setting for this option is OFF. Send OK on carriage return If enabled, will print OK every time CR is received on the serial side. Recommended setting for this option is ON. Suppress line feeds If enabled, line termination is using CR (13). If disabled, line termination is CR LF (13 10). Recommended setting for this option is OFF.
ITEM DESCRIPTION Default - when data stream is established, the module will be initialized to a well-known, safe configuration appropriate for CSD connection.
ITEM DESCRIPTION Primary server IP address The IP address of the TCP server to which the router should attempt the initial connection. Port number The port number that the TCP server operates on. Backup server IP address If connection to the primary server fails, the router will attempt to connect to this address. Port number The port number that the backup TCP server operates on. Inactivity timeout The period, in seconds, that the socket is considered idle/inactive if no packets are sent.
Streams When you have created the required endpoints, you can then proceed to set up a data stream. A data stream sends data from one endpoint to another, performing any transformation of the data as required. When a stream is added, an underlying process on the router checks the validity of the stream, checking for conflicts and illogical configurations.
5. Click the Save button. The new stream appears in the Data stream list. Figure 90 - Data stream list.
PADD PAD Daemon is a tool used to encapsulate raw serial data into a TCP packet to be transported over IP to another end point. The server receiving the TCP packets unpacks the data and the original raw serial data is passed out of its serial port to the attached device, thereby creating an invisible IP network to the two serial devices. The PAD Daemon runs as a background process which can be accessed via the web configuration interface. The PADD configuration page is located under “Services > PADD”.
Remote management SNMP SNMP configuration The SNMP page is used to configure the SNMP features of the router. To access the SNMP configuration page, click on the Services menu at the top of the screen then click on the SNMP menu item on the left. Figure 92 - SNMP configuration SNMP (Simple Network Management Protocol) is used to remotely monitor the router for conditions that may warrant administrative attention.
SNMP traps SNMP traps are messages from the router to the Network Management System sent as UDP packets. They are often used to notify the management system of any significant events such as whether the link is up or down. Configuring SNMP traps To configure SNMP traps: 1. In the Trap destination field, enter the IP address to which SNMP data is to be sent. 2. In the Heartbeat interval field, enter the number of seconds between SNMP heartbeats. 3.
TR-069 To access the TR-069 configuration page, click the Services menu item, then select the TR-069 menu item on the left. Figure 94 - TR-069 configuration The TR-069 (Technical Report 069) protocol is a technical specification also known as CPE WAN Management Protocol (CWMP). It is a framework for remote management and auto-configuration of end-user devices such as customer-premises equipment (CPE) and Auto Configuration Servers (ACS).
The NetComm Wireless router sends “inform” messages periodically to alert the ACS server that it is ready. These inform messages can also be configured to accept a connection request from the ACS server. When a connection is established, any tasks queued on the ACS server are executed. These tasks may be value retrieval or changes and firmware upgrades. TR-069 configuration To configure TR-069: 1. Click the Enable TR-069 toggle key to switch it to the ON position. 2.
OMA Lightweight M2M configuration Note: The OMA Lightweight M2M specification has not yet been finalised. As such, the current implementation of OMALWM2M is experimental and should not be deployed for regular use. We also do not recommend using OMA-LWM2M while the router is connected to an APN providing a publicly routable IP address. The OMA Lightweight M2M (OMA-LWM2M) protocol was designed by the Open Mobile Alliance to provide remote device management specifically for M2M devices.
ITEM DESCRIPTION Enable LWM2M Toggles the OMA-LWM2M function on and off. Server URL The URL of the LWM2M server. This must begin with coap:// or coaps:// and include the server port number. The correct syntax for this field is coap://:. The Server URL field performs validation on the entered address so the field must contain an address in the correct format. Listen port (normal) The port that the router listens on for LWM2M.
IO configuration The NTC-140-01 Router is equipped with a 2 x 2 Molex connector providing Power (+), Ground (−), a multipurpose input and output pin and an ignition detection input.
The table below describes the different modes available on the physical I/O pins of the router. MODE Digital input Digital output Analogue input DESCRIPTION The corresponding pin accepts digital input. Pull up may be on or off and both 3.3V and 8.2V are available as pull up voltages. The value column displays whether the signal received on the pin is High or Low. The corresponding pin outputs a digital signal. Pull up may be on or off and both 3.3V and 8.2V are available as pull up voltages.
Event notification The event notification feature is an advanced remote monitoring tool providing you with the ability to send alerts via SMS, e-mail, TCP or UDP when pre-defined system events occur. Notification configuration The Notification configuration screen is used to select the event types, methods of notification and the destinations for the notifications. Up to four types of alerts for a particular event may be sent to a single destination profile containing the contact details.
ITEM DESCRIPTION Enable event notification Maximum event buffer size Maximum retry count Toggles the event notification feature on and off. Specifies the buffer size for event notifications which failed to be delivered or are yet to be sent. The minimum size is 100 and the maximum is 10000. Specifies the maximum number of attempts that the router will make to deliver an event notification. The range is between 1 and 20.
6. Select the Enable event notification toggle key to turn it to the ON position. 7. If desired, set the Maximum event buffer size, Maximum retry count, Event notification log file and Event notification prefix fields. See table 23 for descriptions of these options. 8. From the Destination column, use the drop down menus to select the desired destination profiles to use for the corresponding events, then select the checkboxes for the types of notifications to send to the chosen destination profile.
Email settings The Email settings screen allows the configuration of the email account that is used to send emails in features such as Event notification. To access the Email settings page, click the Services menu item then select the Email settings menu item on the left. Figure 99 - Email client settings ITEM From CC Email server address (SMTP) Email server port DESCRIPTION Enter the email address of the account you will be using to send emails.
SMS messaging The NTC-140-01 router offers an advanced SMS feature set, including sending messages, receiving messages, redirecting incoming messages to another destination, as well as supporting remote commands and diagnostics messages. Some of the functions supported include: Ability to send a text message via a cellular network and store it in permanent storage. Ability to receive a text message via a cellular network and store it in permanent storage.
OPTION DEFINITION General SMS configuration SMS messaging Toggles the SMS functionality of the router on and off. Messages per page (10-50) The number of SMS messages to display per page. Must be a value between 10 and 50. Encoding scheme The encoding method used for outbound SMS messages. GSM 7-bit mode permits up to 160 characters per message but drops to 50 characters if the message includes special characters.
New message The New message page can be used to send SMS text messages to a single or multiple recipients. To access the New message page, click on the Services menu item from the top menu bar, select the SMS messaging menu on the left then select the New message menu item. A new SMS message can be sent to a maximum of 9 recipients at the same time. After sending the message, the result is displayed next to the destination number as “Success” or “Failure” if the message failed to send.
Inbox / Sent Items The Inbox displays all received messages that are stored on the router while Sent Items displays all sent messages. To access the Inbox page, click on the Services menu item from the top menu bar, select the SMS messaging menu on the left then select the Inbox menu item. Figure 102 - SMS Inbox To access the Sent items page, click on the Services menu item from the top menu bar, select the SMS messaging menu on the left then select the Sent items menu item.
Diagnostics The Diagnostics page is used to configure the SMS diagnostics and command execution configuration. This allows you to change the configuration, perform functions remotely and check on the status of the router via SMS commands. To access the Diagnostics page, click on the Services menu item then select the SMS menu on the left and finally select Diagnostics beneath it.
Only accept authenticated SMS messages Enables or disables checking the sender’s phone number against the allowed sender white list for incoming diagnostics and command execution SMS messages. If authentication is enabled, the router will check if the sender’s number exists in the white list. If it exists, the router then checks the password (if configured) in the incoming message against the password in the white list for the corresponding sending number.
White List for diagnostic or execution SMS The white list is a list of mobile numbers that you can create which are considered “friendly” to the router. If Only accept authenticated SMS messages is enabled in the diagnostics section, the router will compare the mobile number of all incoming diagnostic and command messages against this white list to determine whether the diagnostic or command should be executed. You may optionally configure a password for each number to give an additional level of security.
Sending an SMS Diagnostic Command Follow the steps below to configure the router to optionally accept SMS diagnostic commands only from authenticated senders and learn how to send SMS diagnostic commands to the router. 1. Navigate to the Services > SMS messaging > Diagnostics page 2. Confirm that the Enable remote diagnostics and command execution toggle key is set to the ON position. If it is set to OFF click the toggle key to switch it to the ON position. 3.
SMS command format Generic Format for reading variables: get VARIABLE PASSWORD get VARIABLE Generic Format for writing to variables: set VARIABLE=VALUE PASSWORD set VARIABLE=VALUE Generic Format for executing a command: Execute COMMAND PASSWORD execute COMMAND Replies Upon receipt of a successfully formatted, authenticated (if required) command, the gateway will reply to the SMS in the following format: TYPE SMS CONTENTS get command “VARIABLE=VALUE” set command “Successfully set VARIABLE to VALUE” exe
A password (if required), only needs to be specified once per SMS, but can be prefixed to each command if desired. “PASSWORD get Variable1”; “get VARIABLE2” “PASSWORD set VARIABLE1=VALUE1”; “set VARIABLE2=VALUE2” If the command sent includes the “reboot” command and has already passed the white list password check, the device keeps this password and executes the remaining command line after the reboot with this same password.
List of get/set commands The following table is a partial list of get and set commands which may be performed via SMS. COMMAND NAME EXAMPLE DESCRIPTION get status get status Returns the Module firmware version, LAN IP Address, Network State, Network operator and RSSI. get sessionhistory get sessionhistory Returns the time and date of recent sessions along with the total amount of data sent and received for each session. set syslogserver set syslogserver=123.45.67.
get ledmode get ledmode Returns the status of the LED operation mode. set ledmode set ledmode=10 Sets the LED operation mode to be always on or to turn off after the specified number of minutes. get ssh.proto get ssh.proto Returns the SSH protocol in use. set ssh.proto set ssh.proto=1,2 Sets the SSH Protocol to protocol 1, 2 or both (1,2). get ssh.passauth get ssh.passauth Returns the status of the SSH Enable password authentication option. set ssh.passauth set ssh.
Network scan and manual network selection by SMS Performing a network scan The get plmnscan SMS command enables you to perform a scan of the cellular networks available at the time of the scan.
For example: set forceplmn=0 Sets the selection of operator and network type to automatic mode. set forceplmn=505,3 Sets the operator to a manual selection made by the user where “505” is the Mobile Country Code for Australia and “3” is the Mobile Network Code for Vodafone. As no network type (e.g. LTE/3G/2G) is specified, it is selected automatically.
Send SMS to connect the data connection Required PASSWORD execute pdpup Not required get wanip; get rssi Required PASSWORD get wanip; get rssi Not required set ssh.genkeys=1; set username=test; set auth=pap Required PASSWORD set ssh.
Generate set of public/private keys on the host Not required execute ssh.genkeys Required PASSWORD execute ssh.genkeys Clear client public keys stored on host Not required execute ssh.clearkeys Required PASSWORD execute ssh.clearkeys Table 37 - SMS diagnostics example commands NetComm Wireless 4G M2M Router 106 www.netcommwireless.com v1.
System Log The Log pages are used to display or download the System log and IPSec logs on the router. System log The System Log enables you to troubleshoot any issues you may be experiencing with your NTC-140-01 router. To access the System Log page, click on the System menu. The System Log is displayed. Figure 107 - System log file Log file Use the Display level drop-down list to select a message level to be displayed. The message levels are described in the table below.
IPSec log The IPSec log section provides the ability for you to download the log for the IPSec VPN function. This can assist in troubleshooting any problems you may have with the IPSec VPN. To access the IPSec log page, click on the System menu item then select the Log menu on the left and finally select IPSec log beneath it. Figure 108 - IPSec log Use the Log level drop down list to specify the type of detail you want to capture in the log and then click the Save button.
Event notification log The Event notification log section provides the ability for you to download the log for the Event notification function. This can assist in troubleshooting any problems you may have with the Event notification feature. To access the Event notification log page, click on the System menu item then select the Log menu on the left and finally select Event notification log beneath it.
System log settings To access the System log settings page, click on the System menu item then select the Log menu on the left and finally select System log settings beneath it. Log data is stored in RAM and therefore, when the unit loses power or is rebooted, it will lose any log information stored in RAM. To ensure that log information is accessible between reboots of the router there are two options: 1. Enable the Log to non-volatile memory option 2.
Figure 111 – Remote syslog server configuration ITEM DEFINITION Debug Show extended system log messages with full debugging level details. Info Show informational messages only. Notice Show normal system logging information. Error Show error condition messages only. Table 38 - System log detail levels www.netcommwireless.com v1.
System configuration Settings backup and restore The settings backup and restore page is used to backup or restore the router’s configuration or to reset it to factory defaults. In order to view the settings page you must be logged into the web user interface as root using the password admin.
Upload To access the Upload page, click on the System menu, then System Configuration and then Upload. The Upload page allows you to upload firmware files, HTTPS certificates or user created application packages to the NTC-140-01 router. When firmware files have been uploaded, they can also be installed from this page. PDF files, such as this user guide may also be uploaded for access on the router’s help page.
Figure 114 - File upload 6. Repeat steps 4 and 5 for the main system firmware image. 7. The uploaded firmware images are listed in the Uploaded files section. Click the Install link next to the recovery image to begin installing the recovery firmware image and then click OK on the confirmation window that appears. Figure 115 - Uploaded files 8.
9. Click the Install link to the right of the main firmware image you uploaded and then click OK to confirm that you want to continue with the installation. Note: Do not remove the power when the router’s LEDs are flashing as this is when the firmware update is in process. 10. The installation is complete when the countdown reaches zero. The router attempts to redirect you to the Status page. Figure 117 -– Installing main firmware image 11.
Administration Administration settings To access the Administration Settings page, click on the System menu then the Administration menu on the left and then click on Administration Settings. The Administration settings page is used to enable or disable protocols used for remote access and configure the passwords for the user accounts used to log in to the router. Figure 119 - Administration page NetComm Wireless 4G M2M Router 116 www.netcommwireless.com v1.
OPTION DEFINITION Remote router access control Enable HTTP Enable or disable remote HTTP access to the router. You can also set the port you would like remote HTTP access to be available on. HTTP management port Enter a port number between 1 and 65534 to use when accessing the router remotely. Enable HTTPS Enable or disable remote HTTPS access to the router using a secure connection.
Server certificate What is HTTP Secure? HTTP Secure or HTTPS is the use of the HTTP protocol over an SSL/TLS protocol. It is used primarily to protect against eavesdropping of communication between a web browser and the web site to which it is connected. This is especially important when you wish to have a secure connection over a public network such as the internet. HTTPS connections are secured through the use of certificates issued by trusted certificate authorities such as VeriSign.
CODE COUNTRY CODE COUNTRY CODE COUNTRY CODE COUNTRY AX Åland Islands ER Eritrea LS Lesotho SA Saudi Arabia AD Andorra ES Spain LT Lithuania SB Solomon Islands AE United Arab Emirates ET Ethiopia LU Luxembourg SC Seychelles AF Afghanistan FI Finland LV Latvia SE Sweden AG Antigua and Barbuda FJ Fiji LY Libya SG Singapore AI Anguilla FK Falkland Islands (Malvinas) MA Morocco SH St.
5. When you have entered all the required details, press the Generate button. The certificate takes several minutes to generate. When the certificate has been generated, you are informed that it has been successfully generated and installed. The web server on the router restarts and you are logged out of the router. Click OK to be taken back to the login screen. Figure 121 - New certificate successfully generated message NetComm Wireless 4G M2M Router 120 www.netcommwireless.com v1.
SSH key management Secure Shell (SSH) is UNIX-based command interface and network protocol used to gain secure access to a remote computer, execute commands on a remote machine or to transfer files between machines. It was designed as a replacement for Telnet and other insecure remote shell protocols which send information, including passwords, as plain text. SSH uses RSA public key cryptography for both connection and authentication.
Host key management SSH keys provide a means of identification using public key cryptography and challenge response authentication. This means that a secure connection can be established without transmitting a password, thereby greatly reducing the threat of someone eavesdropping and guessing the correct credentials. SSH Keys always come in pairs with one being a public key and the other a private key. The public key may be shared with any server to which you want to connect.
Client key management The Client Key Management section is used for uploading the public key file of clients. To upload a client public key, click the Upload button, browse to the file and click Open. When the file is uploaded, it is examined for validity. If the key file is not a valid public key, it will not be uploaded. LED operation mode The 8 front LED indicators may be turned off after a timeout period for aesthetic or power saving reasons.
Watchdogs To access the Watchdogs page, click the System menu item, then select the Watchdogs menu item on the left. Figure 124 - Watchdogs Settings Watchdogs are features which monitor the router for anomalies and restart the router if an anomaly occurs preventing its normal operation. When configured, the watchdogs feature transmits controlled ping packets to 1 or 2 user specified IP addresses to confirm an active connection.
The watchdog works as follows: a) The router sends 3 consecutive pings to the first destination address at the interval specified in the Periodic Ping timer field. b) If all 3 pings to the first destination address fail, the router sends 3 consecutive pings to the second destination address at the Periodic Ping timer interval. c) If all 3 pings to the second destination address fail, the router sends 3 pings to the first destination address using the Periodic Ping accelerated timer interval.
Configuring Periodic Ping settings The Periodic Ping settings configure the router to transmit controlled ping packets to 2 specified IP addresses. If the router does not receive responses to the pings, the router will reboot. To configure the ping watchdog: 1. In the First destination address field, enter a website address or IP address to which the router should send the first round of ping requests. 2.
Power management The Power management page provides you with an overview of the power profiles and the ability to configure them. Up to five power profiles may be configured and all of them may be active simultaneously. The Status column indicates whether the profile is active, while the Sleep mode and Wake mode columns summarise the method used to sleep or wake the modem. To access the Power management page, click the System menu item, then select the Power management menu item on the left.
Sleep settings Use the Sleep mode drop down list to select a condition under which the router should enter the sleep state. Sleep after timer When this mode is selected, the router will enter the sleep state after the number of minutes specified in the Sleep after field, regardless of the state of the ignition pin.
Wake settings Use the Wake mode drop down list to select a condition under which the router should return from the sleep state. Wake triggered by ignition pin This mode sets the router to wake up when the signal on the ignition pin reaches the specified value. Figure 131 - Wake up triggered by ignition pin Use the Wake up when ignition pin goes setting to select Low or High. By default, this is set to High.
USB-OTG The USB-OTG page displays the current status of the USB port, i.e. whether it is in Device mode or Host mode. By default, Automatic mode is set to ON, allowing the router to intelligently choose the correct mode. If you wish to manually override this selection, you can turn off Automatic mode and set Host or Device mode yourself. To access the USB OTG page, click the System menu item, then select the USB OTG menu item on the left.
Storage The Storage page provides configuration options with relation to USB and SD storage devices. To access the Storage page, click the System menu item, then select the Storage menu item on the left. Storage device list The Storage devices list displays any connected storage devices and summarises the type, file system, size, used and available space on each device. Additionally, an eject button is provided to unmount the storage device so you can safely remove it.
Reboot The reboot option in the System section performs a soft reboot of the router. This can be useful if you have made configuration changes you want to implement. To reboot the router: 1. Click the System menu item from the top menu bar. 2. Click the Reboot button from the menu on the left side of the screen. Figure 135 - Reboot menu option 3. The router displays a warning that you are about to perform a reboot.
Appendix A: Tables Table 1 - Document Revision History ............................................................................................................................................... 3 Table 2 - Device Dimensions ............................................................................................................................................................ 8 Table 3 - LED Indicators ...................................................................................................
Appendix B: Default Settings The following tables list the default settings for the NTC-140-01 router. LAN (MANAGEMENT) Static IP Address: 192.168.0.1 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.0.
Restoring factory default settings Restoring factory defaults will reset the NTC-140-01 router to its factory default configuration. You may encounter a situation where you need to restore the factory defaults on your NTC-140-01 router such as: You have lost your username and password and are unable to login to the web configuration page; You are asked to perform a factory reset by support staff.
Appendix C: Recovery mode The NTC-140-01 Router features two independent operating systems, each with its own file systems. These two systems are referred to as 'Main' and 'Recovery'. It is always possible to use one in order to restore the other in the event that one system becomes damaged or corrupted (such as during a firmware upgrade failure). The recovery console provides limited functionality and is typically used to restore the main firmware image in the case of a problem.
Status The status page provides basic information such as the system up time, hardware and software router versions, the router’s serial number, the method used to trigger the recovery mode, the IP and MAC address of the router and the status of the Ethernet port. Figure 138 - Recovery mode - Status Log The log page displays the system log which is useful in troubleshooting problems which may have led to the router booting up in recovery mode.
Application Installer The Application installer is designed to upload and install main firmware images, upload recovery firmware images, custom applications and HTTPS certificates. Use the Browse button to select a file to be uploaded to the router. When it has been selected, press the Upload button. The file is sent to the router and when the transfer is complete, the file appears in the Uploaded files list. From the Uploaded files list, you are able to either Install or Delete a file.
Appendix D: HTTPS Uploading a self-signed certificate If you have your own self-signed certificate or one purchased elsewhere and signed by a Certificate Authority, you can upload it to the NTC-140-01 router using the Upload page. Note: Your key and certificate files must be named server.key and server.crt respectively otherwise they will not work. To upload your certificate: 1. Click on the System item from the top menu bar. From the side menu bar, select System Configuration and then Upload.
3. Click the Upload button to begin uploading it to the router. The file appears in the list of files stored on the router. Figure 145 - Server certificate file uploaded 4. Repeat steps 2 and 3 for the server key file. 5. Click the Install link next to the server.crt file then click OK on the prompt that is displayed. The certificate file is installed. Repeat this for the key file. When each file is installed it is removed from the list of stored files. Figure 146 - Installing the server.
Appendix E: RJ-45 connectors The RJ-45 connectors provide an interface for a data connection and for device input power using the pin layout shown below.
Appendix G: Input/Output Overview The NTC-140-01 router is equipped with a 2 x 2 Molex connector providing a multipurpose input and output terminal as well as a dedicated ignition input.
Wiring Examples The following examples are shown as a guide as to what can be achieved by the I/O features. It is up to the system integrator to have enough knowledge about the interface to be able to achieve the required results. Note: NetComm Wireless does not offer any further advice on the external wiring requirements or wiring to particular sensors, and will not be responsible for any damage to the unit or any other device used in conjunction with it.
Digital inputs There are several ways to connect a digital input. A digital input can be anything from a simple switch to a digital waveform or pulses. The unit will read the voltage in as an analogue input and the software will decode it in a certain way depending on your configuration. Below is a contact closure type input, which is detecting an Earth. Pull up is activated for this to work. The following input detects an input going high. The turn on/off threshold can be set in the software.
Analogue Sensor with Voltage output There are various analogue sensors that connect directly to the unit which can provide a voltage output. These would require an external power source which may or may not be the same as the unit itself. The voltage range they provide can be between 0V and 30V. Some common sensor output ranges include 0V to 10V. The pull up resistor is not activated in this case. Analogue Sensor with 4 to 20mA output Another common type of sensor type is the 4-20mA current loop sensor.
System Example –Solar powered Router with battery backup The previous examples of wiring can be used to come up with a system. The following test case is an example of how the I/O’s can be used to enhance a simple router setup. NetComm Wireless 4G M2M Router 146 www.netcommwireless.com v1.
Appendix H: Obtaining a list of RDB variables The RDB is a database of variables that contain settings on the router. You can retrieve (get) and set the values of these variables through the command-line or via SMS Diagnostics. To access a full list of the RDB variables, follow these steps: 1. Log in to the web user interface as described in the Advanced configuration section of this guide. 2. Click the System menu at the top of the screen, then select the Administration menu on the left.
Appendix I: Using USB devices and MicroSD™ cards The NTC-140-01 router features a Micro USB 2.0 OTG port capable of supplying 0.5A to connected devices and a microSD™ card slot allowing additional storage. The Micro USB port supports both USB storage devices as well as certain USB accessories, including USB-to-Ethernet adapters and USB-to-Serial cables. Accessing USB/SD card storage devices When a USB storage device or microSD™ card is inserted, the router automatically mounts the storage.
Safety and product care RF Exposure Your device contains a transmitter and a receiver. When it is on, it receives and transmits RF energy. When you communicate with your device, the system handling your connection controls the power level at which your device transmits. This device meets the government’s requirements for exposure to radio waves.
Under Industry Canada regulations, this radio transmitter may only operate using an antenna of a type and maximum (or lesser) gain approved for the transmitter by Industry Canada. To reduce potential radio interference to other users, the antenna type and its gain should be so chosen that the equivalent isotropically radiated power (e.i.r.p.
IC regulations CAN ICES-3(B)/NMB-3(B) This device complies with Industry Canada licence-exempt RSS standard(s). Operation is subject to the following two conditions: (1) this device may not cause interference, and (2) this device must accept any interference, including interference that may cause undesired operation of the device. Le présent appareil est conforme aux CNR d’Industrie Canada applicables aux appareils radio exempts de licence.
Product handling You alone are responsible for how you use your device and any consequences of its use. You must always switch off your device wherever the use of a mobile phone is prohibited. Do not use the device without the clip-on covers attached, and do not remove or change the covers while using the device. Use of your device is subject to safety measures designed to protect users and their environment. Always treat your device and its accessories with care and keep it in a clean and dust-free place.
Interference Care must be taken when using the device in close proximity to personal medical devices, such as pacemakers and hearing aids. Pacemakers Pacemaker manufacturers recommend that a minimum separation of 15cm be maintained between a device and a pacemaker to avoid potential interference with the pacemaker. Hearing aids People with hearing aids or other cochlear implants may experience interfering noises when using wireless devices or when one is nearby.
Product Warranty For warranty information please visit http://www.netcommwireless.com/product/m2m/ntc-140 NetComm Wireless 4G M2M Router 154 www.netcommwireless.com v1.