User Guide NTC-140W Series – 4G WiFi M2M Router
Copyright Copyright© 2014 NetComm Wireless Limited. All rights reserved. The information contained herein is proprietary to NetComm Wireless. No part of this document may be translated, transcribed, reproduced, in any form, or by any means without prior written consent of NetComm Wireless. Note: This document is subject to change without notice.
Table of Contents Overview ........................................................................................................................................................................................ 5 Introduction ................................................................................................................................................................................................... 5 Target audience........................................................................
Settings ..................................................................................................................................................................................................... 135 Reboot ...................................................................................................................................................................................................... 135 Appendix D: HTTPS - Uploading a self-signed certificate ..................................
Overview Introduction This document provides you all the information you need to set up, configure and use the NetComm Wireless NTC-140W Series router. Target audience This document is intended for system integrators or experienced hardware installers who understand telecommunications terminology and concepts.
Product introduction Product overview Powerful and flexible industrial cellular router platform supporting LTE with fallback to 3G/UMTS and GSM/GPRS/EDGE (Fallback only applies to certain models) Ideal for providing primary and backup wireless connectivity over LTE networks Industrial Features – rugged enclosure, wide operating temperature range, wall mount option and a flexible range of power options Embedded Linux operating system allowing for the installation of custom applications.
Physical dimensions and indicators Physical dimensions Below is a list of the physical dimensions of the NTC-140W Series router. Figure 1 – NTC-140W Series router Dimensions NTC-140W SERIES ROUTER (WITHOUT EXTERNAL ANTENNAS ATTACHED) Length 143 mm Depth 107 mm Height 34 mm Weight ~235g Table 2 - Device Dimensions www.netcommwireless.
LED indicators The NTC-140W Series router uses 8 LEDs to display the current system and connection status.
Signal strength LEDs The following table lists the signal strength range corresponding with the number of lit signal strength LEDs. NUMBER OF LIT LEDS SIGNAL STRENGTH All LEDs unlit < -109 dBm 1 -109 dBm to -102dBm 2 -101 dBm to -92 dBm 3 -91 dBm to -86 dBm 4 -85 dBm to -78 dBm 5 ≥ -77 dBm Table 4 - Signal strength LED descriptions LED update interval The signal strength LEDs update within a few seconds with a rolling average signal strength reading.
Interfaces 1 2 3 4 5 6 7 9 8 10 12 11 1 Figure 4 - Interfaces NO. ITEM DESCRIPTION 1 Cellular Main antenna connector SMA connector for main cellular antenna. 2 GPS antenna connector SMA connector for GPS antenna (not included in package). 3 Cellular AUX antenna connector SMA connector for auxiliary cellular antenna. 4 WiFi antenna connectors Reverse polarity SMA connectors for WiFi antennas.
Placement of the router The four external high-performance antennas supplied with the router are designed to provide optimum signal strength in a wide range of environments. If you find the signal strength is weak, try adjusting the orientation of the antennas. If you are unable to get an acceptable signal, try moving the router to a different place or mounting it differently.
Wall mounted via DIN rail bracket Figure 7 - Wall mounted via DIN rail bracket DIN rail mount Figure 8 – DIN rail mount NetComm Wireless 4G WiFi M2M Router 12 www.netcommwireless.
Pole mount using DIN rail bracket Figure 9 - Pole mount using DIN rail bracket Desk mount Figure 10 – Desk mount www.netcommwireless.
Installation and configuration of the NTC-140W Series router Powering the router The NTC-140W Series router may be powered using the included power supply cable with 8-40V to the Molex connector. A suitable power supply (PSU-0039) is available as an accessory. The diagram below shows the layout of the pins on the Molex connector. Figure 11 - Molex connector TERMINAL DESCRIPTION − Ground wire. + Positive wire for power. i Dedicated terminal for ignition detection. I/O Input/output detection.
Advanced configuration The NTC-140W Series router comes with pre-configured settings that should suit most customers. For advanced configuration, log in to the web-based user interface of the router. To log in to the web-based user interface: 1. Open a web browser (e.g. Internet Explorer, Firefox, Google Chrome), type http://192.168.1.1 into the address bar and press Enter. The web-based user interface log in screen is displayed. Figure 12 – Log in prompt for the web-based user interface 2.
Status The status page of the web interface provides system related information and is displayed when you log in to the NTC-140W Series router management console. The status page shows System information, LAN details, Cellular connection status, Packet data connection status, Wireless LAN status and Advanced status details. You can toggle the sections from view by clicking the or buttons to show or hide them. Extra status boxes will appear as additional software features are enabled (e.g. VPN connectivity).
ITEM DEFINITION System information System up time The current uptime of the router. Board version The hardware version of the router. Serial Number The serial number of the router. Firmware version The firmware version of the router Model The type of phone module and the firmware version of the module. Module firmware The firmware revision of the phone module. IMEI The International Mobile Station Equipment Identity number used to uniquely identify a mobile device.
SIM ICCID The Integrated Circuit Card Identifier of the SIM card used with the router, a unique number up to 19 digits in length. Power input mode Displays the power source being used. Location area code (LAC) The ID of the cell tower grouping the current signal is broadcasting from. IMSI The International mobile subscriber identity is a unique identifier of the user of a cellular network.
Networking The Networking section provides configuration options for Wireless WAN, LAN, Routing and VPN connectivity. Data Connection The data connection page allows you to configure and enable/disable the connection profile. To access this page, click on the Networking menu, and under the Wireless WAN menu, select the Data connection item. Figure 14 – Data connection settings www.netcommwireless.
ITEM DEFINITION Data connection Transparent Bridge (PPPoE) Toggles the transparent bridge function on and off. Profile name list Default Sets the corresponding profile to be the default gateway for all outbound traffic except traffic for which there are configured static route rules or profile routing settings. Status Toggles the corresponding profile on and off. Only one profile may be turned on at any time.. APN The APN configured for the corresponding profile.
2. Click the Profile toggle key to turn the profile on. Additional settings appear. Figure 16 - Data connection settings - Profile turned on 3. In the Profile name field, enter a name for the profile. This name is only used to identify the profile on the router. 4. Ensure that the Automatic APN selection toggle key is set to off. If it is not, click it to toggle it to the off position. 5.
Confirming a successful connection After configuring the packet data session, and ensuring that it is enabled, click on the Status menu item at the top of the page to return to the Status page. When there is a mobile broadband connection, the WWAN section is expanded showing the details of the connection and the Status field displays Connected. To see details on the connected session, you can click the Show data usage button.
Figure 19 - Transparent bridge mode status 7. Next you must configure your downstream device connected via Ethernet to the NTC-140W to initiate a network connection using a PPPoE client. The username and password used by the downstream device for the PPPoE session will be passed on and used by the NTC-140W as the packet data (PDP) context authentication settings. www.netcommwireless.
Connect on demand The Connect on demand feature keeps the Packet Data Protocol (PDP) context deactivated by default while making it appear to locally connected devices that the router has a permanent connection to the mobile broadband network. When a packet of interest arrives or an SMS wake-up command is received, the router attempts to establish a mobile broadband data connection. When the data connection is established, the router monitors traffic and terminates the link when it is idle.
Setting the router to dial a connection when traffic is detected on specific ports In some situations, you may wish to have the internet connection disabled except at times when outbound traffic to a particular external host’s port or group of ports is sent to the router. To use this feature, click Enable dial port filter and enter the port number or list of port numbers separated by commas.
Setting timers for connection and disconnection The router has a number of timer settings which let you determine when a connection is dialled and when it is disconnected. Figure 25 – Connect on demand - Connect and disconnect timers OPTION DESCRIPTION On data activity, stay online for at least When traffic as per the configured settings above appear, the router will either continue to stay online, or dial a connection and will not disconnect it for the specified time period (min. 1 minute, max.
Manually connecting/disconnecting There may be times when you need to either force a connection to be made or force a disconnection manually. You can use the Manual connect and Manual disconnect buttons to do this whenever necessary. The online status of the connection is displayed above the buttons. Figure 27 - Connect on demand - Online/Offline control When you have finished configuring the options for the Connect on demand feature, click the Save button at the bottom to save your changes.
Operator settings The Operator settings page enables you to select which frequency band you will use for your connection and enables you to scan for available network operators in your area. Figure 29 - Band settings Note: In order to change the operator’s band settings, the data connection must be disabled. When you access this page, you are prompted to disable the data connection if it is already active.
A list of the detected cellular service carriers in your area is displayed. Figure 31 - Detected operator list Select the most appropriate service from the list shown and click Apply. When Select operator mode is set to Automatic, the router selects the most appropriate operator based on the inserted SIM card. This is the default option and is sufficient for most users.
b) Enter the PIN in the Current PIN field and then enter it again in the Confirm current PIN field to confirm the PIN. c) If you are placing the router in a remote, unattended location, you may wish to check the Remember PIN option. This feature allows the router to automatically send the PIN to the SIM each time the SIM asks for it (usually at power up).
Enabling/Disabling SIM PIN protection The security PIN protection can be turned on or off using the PIN protection toggle key. Figure 34 - PIN Settings Changing the SIM PIN code If you would like to change the PIN, click the Change PIN button and enter the current PIN into the Current PIN and Confirm current PIN fields, then enter the desired PIN into the New PIN and Confirm new PIN fields and click the Save button.
Figure 36 - SIM security settings – PIN unlock successful Unlocking a PUK locked SIM After three incorrect attempts at entering the PIN, the SIM card becomes PUK (Personal Unblocking Key) locked and you are requested to enter a PUK code to unlock it. Note: To obtain the PUK unlock code, you must contact your service provider. You will be issued a PUK to enable you to unlock the SIM and enter a new PIN. Enter the new PIN and PUK codes.
LAN LAN configuration The LAN configuration page is used to configure the LAN settings of the router and to enable or disable DNS Masquerading. Figure 38 – LAN configuration settings The default IP of the LAN port is 192.168.1.1 with subnet mask 255.255.255.0. To change the IP address or Subnet mask, enter the new IP Address and/or Subnet mask and click the Save button. Note: If you change the IP address, remember to reboot the router and enter the new IP address into your browser address bar.
DHCP The DHCP page is used to adjust the settings used by the router’s built in DHCP Server which assigns IP addresses to locally connected devices. DHCP relay configuration In advanced networks configurations where the NTC-140W Series router should not be responsible for DHCP assignment, but instead an existing DHCP server is located on the Wireless WAN or LAN connections, the clients behind the NTC-140W Series router are able to communicate with the DHCP server when DHCP relay is enabled.
OPTION DESCRIPTION DHCP start range Sets the first IP address of the DHCP range DHCP end range Sets the last IP address of the DHCP range DHCP lease time (seconds) The length of time in seconds that DHCP allocated IP addresses are valid Default domain name suffix Specifies the default domain name suffix for the DHCP clients. A domain name suffix enables users to access a local server, for example, server1, without typing the full domain name server1.domain.
Dynamic DHCP client list The Dynamic DHCP client list displays a list of the DHCP clients. If you want to reserve the current IP address for future use, click the Clone button and the details will be copied to the address reservation list fields. Remember to click the Save button under the Address reservation list section to confirm the configuration. Figure 42 - Dynamic DHCP client list NetComm Wireless 4G WiFi M2M Router 36 www.netcommwireless.
Wireless settings The Wireless settings pages allow you to configure the WiFi settings of the router. The NTC-140W is capable of running both access point and wireless client modes simultaneously, however, they must both use the same channel number. AP basic The AP basic page provides options such as for turning the WiFi access point on or off, modes of operation, frequency and security settings.
Figure 44 - Wireless Settings – SSID and Security Settings OPTION DEFINITION SSID The SSID (Service Set Identifier) or Network Name in use for the wireless network. Activate this SSID Enables or disables the network selected in the SSID drop down list. Broadcast SSID Toggles whether the router broadcasts the SSID or whether it is hidden from wireless network scans. Network Authentication The wireless security settings. See below for in depth analysis.
AP advanced The advanced wireless configuration page allows you to modify advanced wireless access point settings of your router. These settings are set to optimal settings for most situations and should not be changed unless you are aware of the effect that your changes will have. Figure 45 - Wireless Settings - Advanced OPTION DEFINITION Maximum number of connected clients The maximum number of wireless clients that may connect to the access point. This may be a maximum of 255.
AP MAC filtering The Wireless LAN AP MAC filter feature ensures the network accessibility for the wireless client devices can be controlled. When the MAC filter is enabled with an Allow policy only those wireless clients whose MAC address is listed in the MAC filter list will be able to gain network access. All other wireless client devices will be denied network access.
AP hotspot The wireless hotspot feature provides internet access to WiFi clients with the option of forcing users to agree to terms of use. This feature is often used where wireless access is provided to customers in a public area and allows you to configure a speed limit on the network, limit the number of clients, configure idle and session timeouts and select to authenticate with remote RADIUS servers.
ITEM DESCRIPTION Hotspot functionality Turns the wireless hotspot feature on or off. LAN interface Specifies the LAN interface to use for the wireless hotspot. Max client connections The maximum number of wireless clients permitted to connect to the wireless hotspot. Max downlink bandwidth The maximum downlink speed in kilobits per second. Max uplink bandwidth The maximum uplink speed in kilobits per second.
Client configuration As a wireless client, the NTC-140W is able to connect to another wireless access point to gain network or internet access. The Client configuration page provides the ability to turn on or off the wireless radio, find nearby access points and configure a connection to an access point. The NTC-140W may run both Access Point and Client simultaneously, however, since they share the wireless channel, both client and access point must use the same channel.
Scanning for a network To find a nearby network to connect to, click the Scan button. A list of discovered networks appears at the bottom of the screen. Click the corresponding Connect button for the network to which you would like to connect. Figure 50 - Access point list The network’s details are copied across to the Client configuration page. If the wireless network is secured, enter the authentication details, then click the Save button. NetComm Wireless 4G WiFi M2M Router 44 www.netcommwireless.
Ethernet LAN/WAN The Ethernet LAN/WAN pages provide configuration options for the two built-in Ethernet ports and any USB-to-Ethernet ports you may connect. Ethernet group The Ethernet group page displays the Ethernet interfaces and allows you to configure whether they operate in LAN or WAN mode. Figure 51 - Ethernet group configuration OPTION DEFINITION # A number identifying the interface on the router. Description A description of the type of interface.
Ethernet WAN The Ethernet WAN page allows you to configure the connection type and metric of the available WAN connections. Figure 52 - Ethernet WAN configuration OPTION DEFINITION WAN Ethernet Use this field to select the WAN interface to configure. Connection Type Selects whether the WAN interface has static IP settings or DHCP. IP address The IP address to assign to the selected WAN interface. Subnet mask The Subnet mask of the IP address above.
WAN failover The WAN failover page displays a summary of the configured WAN interfaces and their priorities (Metric). Lower metric values determine higher priority. The priority of the interfaces can be adjusted using the up and down arrows in the Priority column. When the interface with the highest priority goes down, the router fails over to the next highest priority interface. The method used to determine whether an interface is “up” or “down” is defined by the Monitor setting.
OPTION DESCRIPTION Priority The priority (metric) is a numeric value which determines which interface has priority. Lower priority values mean higher priority. Monitoring method Specifies the means used to determine whether the link is up or down. Verbose logging When enabled, this logs verbose comments in the system log related to the failover monitoring.
Routing Static Static routing is the alternative to dynamic routing used in more complex network scenarios and is used to facilitate communication between devices on different networks. Static routing involves configuring the routers in your network with all the information necessary to allow the packets to be forwarded to the correct destination. If you change the IP address of one of the devices in the static route, the route will be broken.
Figure 57 - Adding a static route Active routing list Static routes are displayed in the Active routing list. Figure 58 - Active routing list Deleting static routes From the static routing list, click the icon to the right of the entry you wish to delete. Figure 59 - Deleting a static route NetComm Wireless 4G WiFi M2M Router 50 www.netcommwireless.
RIP RIP (Routing Information Protocol) is used for advertising routes to other routers. Thus all the routes in the router’s routing table will be advertised to other nearby routers. For example, the route for the router’s Ethernet subnet could be advertised to a router on the PPP interface side so that a router on this network will know how to route to a device on the router’s Ethernet subnet. Static routes must be added manually according to your requirements. See Adding Static Routes.
Redundancy (VRRP) configuration Virtual Router Redundancy Protocol (VRRP) is a non-proprietary redundancy protocol designed to increase the availability of the default gateway servicing hosts on the same subnet. This increased reliability is achieved by advertising a “virtual router” (an abstract representation of master and backup routers acting as a group) as a default gateway to the host(s) instead of one physical router.
Port Forwarding The Port forwarding list is used to configure the Network Address Translation (NAT) rules currently in effect on the router. Figure 62 – Port forwarding list The purpose of the port forwarding feature is to allow mapping of inbound requests to a specific port on the WAN IP address to a device connected on the Ethernet interface. Adding a port forwarding rule To create a new port forwarding rule: 1. Click the +Add button. The port forwarding settings screen is displayed. 2.
Figure 63 - Port forwarding settings To delete a port forwarding rule, click the delete. NetComm Wireless 4G WiFi M2M Router 54 button on the Port forwarding list for the corresponding rule that you would like to www.netcommwireless.
DMZ The Demilitarized Zone (DMZ) allows you to configure all incoming traffic on all protocols to be forwarded to a selected device behind the router. This feature can be used to avoid complex port forwarding rules, but it exposes the device to untrusted networks as there is no filtering of what traffic is allowed and what is denied. The DMZ configuration page is used to specify the IP Address of the device to use as the DMZ host. Figure 64 - DMZ configuration 1.
Router firewall The Router firewall page is used to enable or disable the in-built firewall on the router. When enabled, the firewall performs stateful packet inspection on inbound traffic from the wireless WAN and blocks all unknown services, that is, all services not listed on the Services configuration page of the router. With respect to the other Routing options on the Networking page, the firewall takes a low priority.
MAC / IP / Port filtering The MAC/IP/Port filter feature allows you apply a policy to the traffic that passes through the router, both inbound and outbound, so that network access can be controlled. When the filter is enabled with a default rule of “Accepted”, all connections will be allowed except those listed in the “Current MAC / IP / Port filtering rules in effect” list. Conversely, when the default rule is set to “Dropped”, all connections are denied except for those listed in the filtering rules list.
5. Enter the details of the rule in the section that is displayed and click the Save button. Figure 68 - MAC / IP / Port filtering settings OPTION DESCRIPTION Bound Use the drop down list to select the direction of the traffic for which you want to apply to the rule. Inbound refers to all traffic that is entering the router including data entering from the WAN and the LAN.
VPN A Virtual Private Network (VPN) is a tunnel providing a private link between two networks or devices over a public network. Data to be sent via a VPN needs to be encapsulated and as such is generally not visible to the public network. The advantages of a VPN connection include: Data Protection Access Control Data Origin Authentication Data Integrity Each VPN connection has different configuration requirements.
Figure 71 – IPSec profile edit NetComm Wireless 4G WiFi M2M Router 60 www.netcommwireless.
The following table describes each of the fields of the IPSec VPN Connection Settings page. ITEM DEFINITION IPSec profile Enables or disables the VPN profile. Profile name A name used to identify the VPN connection profile. Remote IPSec address The IP address or domain name of the IPSec server. Remote LAN address Enter the IP address of the remote network for use on the VPN connection. Remote LAN subnet mask Enter the subnet mask in use on the remote network.
OpenVPN OpenVPN is an open source virtual private network (VPN) program for creating point-to-point or server-to-multi-client encrypted tunnels between host computers. It can traverse network address translation (NAT) and firewalls and allows authentication by certificate, pre-shared key or username and password. OpenVPN works well through proxy servers and can run over TCP and UDP transports.
Certificate Authentication In the Certificate Management section, enter the required details to create a client certificate. All fields are required. When you have finished entering the details, click the Generate button. Figure 73 - OpenVPN server configuration – Certificate management When it is done, you can click the Download P12 button or the Download TGZ button to save the certificate file depending on which format you would like.
Figure 74 – OpenVPN server profile settings NetComm Wireless 4G WiFi M2M Router 64 www.netcommwireless.
Username / Password Authentication In the Username/Password section, enter the username and password you would like to use for authentication on the OpenVPN Server. Click the Download CA certificate or Download CA TGZ depending on file format button to save the ca.crt file. This file will need to be provided to the client.
Certificate Authentication In the Certificate upload section at the bottom of the screen, click the Browse button and locate the certificate file you downloaded when you configured the OpenVPN server. When it has been selected, click the Upload button to send it to the router. Figure 76 - OpenVPN client - Certificate upload Username / Password Authentication Enter the username and password to authenticate with the OpenVPN server.
Figure 78 - OpenVPN P2P mode settings 4. Use the Server port field to select a port number and then use the drop down list to select a packet type to use for the OpenVPN server. The default OpenVPN port is 1194 and default packet type is UDP. 5. In the Local IP Address and Remote IP Address fields, enter the respective local and remote IP addresses to use for the OpenVPN tunnel. The slave should have the reverse settings of the master. 6.
PPTP-Client The Point-to-Point Tunnelling Protocol (PPTP) is a method for implementing virtual private networks using a TCP and GRE tunnel to encapsulate PPP packets. PPTP operates on Layer 2 of the OSI model and is included on Windows computers. Configuring the PPTP Client To configure the PPTP client: 1. From the menu bar at the top of the screen, click Networking and then from the VPN section on the left side of the screen, click PPTP client. The PPTP client list is displayed.
3. Click the Enable PPTP client toggle key to switch it to the ON position. 4. In the Profile name list, enter a profile name for the tunnel. This may be anything you like and is used to identify the tunnel on the router. 5. Use the Username and Password fields to enter the username and password for the PPTP account. 6. In the PPTP server address field, enter the IP address /host domain name of the PPTP server. 7.
GRE tunnelling The Generic Route Encapsulation (GRE) protocol is used in addition to Point-to-Point Tunnelling Protocol (PPTP) to create VPNs (virtual private networks) between clients and servers or between clients only. Once a PPTP control session establishes the VPN tunnel GRE is used to securely encapsulate the data or payload. Configuring GRE tunnelling To configure GRE tunnelling: 1.
3. Click the Enable GRE Tunnel toggle key to switch it to the ON position. 4. In the Profile name, enter a profile name for the tunnel. This may be anything you like and is used to identify the tunnel on the router. 5. In the GRE server address field, enter the IP address or domain name of the GRE server. 6. In the Local tunnel address field, enter the IP address you want to assign the tunnel locally. 7.
Services Dynamic DNS The DDNS page is used to configure the Dynamic DNS feature of the router. A number of Dynamic DNS hosts are available from which to select. Figure 83 – Dynamic DNS settings Dynamic DNS provides a method for the router to update an external name server with the current WAN IP address. To configure dynamic DNS: 1. Click the DDNS configuration toggle key to switch it to the ON position. 2. From the Dynamic DNS drop down list, select the Dynamic DNS service that you wish to use.
Network time (NTP) The NTP (Network Time Protocol) settings page allows you to configure the NTC-140W Series router to synchronize its internal clock with a global Internet Time server and specify the time zone for the location of the router. This provides an accurate timekeeping function for features such as System Log entries and Firewall settings where the current system time is displayed and recorded. Any NTP server available publicly on the internet may be used. The default NTP server is 0.netcomm.
Data stream manager The data stream manager provides you with the ability to create mappings between two endpoints on the router. These endpoints may be physical or virtual, for example, a serial port connected to the router’s USB port could be configured as an endpoint or you could configure a TCP Server as an endpoint. You can then configure a virtual data tunnel or “stream” between the endpoints.
To create an endpoint: 1. Click the +Add button on the right side of the page. A pop-up window appears. Figure 86 - Creating an endpoint 2. In the Endpoint name field, type a name for this endpoint. The name can contain alphanumeric characters only i.e. A-Z, az, 0-9. 3. Use the Endpoint types drop down list to select the type of endpoint to configure.
TCP client: This creates a TCP client endpoint with the following options available. The retry timeout period specifies the number of seconds to wait between attempts to re-establish a connection in the event that it is lost. The client will attempt re-connection indefinitely every Retry timeout interval. Figure 89 - TCP client endpoint configuration UDP server: This creates a UDP server endpoint with the following options available.
GPS data: This creates a GPS data endpoint. Figure 92 - GPS data endpoint configuration 4. Click the OK button. The router displays a screen with configuration options for your chosen endpoint type. 5. Enter the options for your endpoint as required. 6. Click the Save button. The Endpoints list is displayed with the newly created endpoint listed and a summary of the settings your configured.
10. Under Endpoint B, use the Endpoint name drop down list to select one of the endpoints you created previously. This endpoint should be the destination of the stream. The screenshot below shows a configuration sending data received on an attached serial port to a TCP server running on the router. Use the Mode drop down list to select the mode of operation of the endpoint. The mode can be thought of as a transformation of the data as it arrives at this endpoint. Figure 95 - Edit data stream 11.
PADD PAD Daemon is a tool used to encapsulate raw serial data into a TCP packet to be transported over IP to another end point. The server receiving the TCP packets unpacks the data and the original raw serial data is passed out of its serial port to the attached device, thereby creating an invisible IP network to the two serial devices. The PAD Daemon runs as a background process which can be accessed via the web configuration interface. The PADD configuration page is located under “Services > PADD”.
SNMP SNMP configuration The SNMP page is used to configure the SNMP features of the router. Figure 98 - SNMP configuration SNMP (Simple Network Management Protocol) is used to remotely monitor the router for conditions that may warrant administrative attention. It can be used to retrieve information from the router such as the signal strength, the system time and the interface status. To configure SNMP: 1. Click the SNMP toggle key to switch it to the ON position. 2.
SNMP traps SNMP traps are messages from the router to the Network Management System sent as UDP packets. They are often used to notify the management system of any significant events such as whether the link is up or down. Configuring SNMP traps To configure SNMP traps: 1. In the Trap destination field, enter the IP address to which SNMP data is to be sent. 2. In the Heartbeat interval field, enter the number of seconds between SNMP heartbeats. 3.
TR-069 To access the TR-069 configuration page, click the Services menu item, then select the TR-069 menu item on the left. Figure 100 - TR-069 configuration The TR-069 (Technical Report 069) protocol is a technical specification also known as CPE WAN Management Protocol (CWMP). It is a framework for remote management and auto-configuration of end-user devices such as customer-premises equipment (CPE) and Auto Configuration Servers (ACS).
The NetComm Wireless router sends “inform” messages periodically to alert the ACS server that it is ready. These inform messages can also be configured to accept a connection request from the ACS server. When a connection is established, any tasks queued on the ACS server are executed. These tasks may be value retrieval or changes and firmware upgrades. TR-069 configuration To configure TR-069: 1. Click the Enable TR-069 toggle key to switch it to the ON position. 2.
GPS On models with a built-in GPS, you are able to use location-based services, monitor field deployed hardware or find your current location. The GPS Status window provides up to date information about the current location and the current GPS signal conditions (position dilution of precision (PDOP), horizontal dilution of precision (HDOP) and vertical dilution of precision (VDOP)) of the router. NMEA support The router supports the National Marine Electronics Association NMEA-0183 compatible (V2.
Mobile Station Based Assisted GPS configuration To access the Mobile Station Based Assisted GPS configuration screen, select the Services item from the top menu bar then the GPS item on the left. Finally, select the MSB (A-GPS) menu item. This function is only available on models with built-in GPS capability. Mobile Station Based Assisted GPS (MSB A-GPS) enables your router to download GNSS data which supply orbital data to GPS receiver, enabling it to lock to the satellites more rapidly.
Odometer To access the Odometer screen, select the Services item from the top menu bar then the GPS item on the left. Finally, select the Odometer menu item. The GPS may be used to record the distance that the router has travelled. To do this, set the Odometer toggle key to the ON position as in the screenshot below. You can toggle the unit of measurement by clicking the Display imperial / Display metric button.
USSD Network Messaging, also known as Unstructured Supplementary Service Data (USSD) is a protocol that can be used to communicate from your device to your service provider. Depending on which network you use for your mobile broadband service, this page can be used for a variety of network services such as balance checking, recharging a prepaid service, and many others. Network messaging can be initiated using special codes specified by your carrier for these various services.
IO configuration The NTC-140W Series Router is equipped with a 2 x 2 Molex connector providing Power (+), Ground (−), a multipurpose input and output pin and an ignition detection input.
The table below describes the different modes available on the physical I/O pins of the router. MODE Digital input Digital output Analogue input DESCRIPTION The corresponding pin accepts digital input. Pull up may be on or off and both 3.3V and 8.2V are available as pull up voltages. The value column displays whether the signal received on the pin is High or Low. The corresponding pin outputs a digital signal. Pull up may be on or off and both 3.3V and 8.2V are available as pull up voltages.
SMS messaging The NTC-140W Series router offers an advanced SMS feature set, including sending messages, receiving messages, redirecting incoming messages to another destination, as well as supporting remote commands and diagnostics messages. Some of the functions supported include: Ability to send a text message via a cellular network and store it in permanent storage. Ability to receive a text message via a cellular network and store it in permanent storage.
OPTION DEFINITION General SMS configuration SMS messaging Toggles the SMS functionality of the router on and off. Messages per page (10-50) The number of SMS messages to display per page. Must be a value between 10 and 50. Encoding scheme The encoding method used for outbound SMS messages. GSM 7-bit mode permits up to 160 characters per message but drops to 50 characters if the message includes special characters.
New message The New message page can be used to send SMS text messages to a single or multiple recipients. A new SMS message can be sent to a maximum of 9 recipients at the same time. After sending the message, the result is displayed next to the destination number as “Success” or “Failure” if the message failed to send. By default, only one destination number field is displayed. Additional destination numbers may be added one at a time after entering a valid number for the current destination number field.
Inbox / Sent Items The Inbox displays all received messages that are stored on the router while Sent Items displays all sent messages. Figure 108 - SMS Inbox Figure 109 - SMS Outbox ICON DESCRIPTION Forward button. Click this button to open a new message window where you can forward the corresponding message to another recipient. Reply button. Click this button to open a new message window where you can reply to the sender. Add to White list.
Diagnostics The Diagnostics page is used to configure the SMS diagnostics and command execution configuration. This allows you to change the configuration, perform functions remotely and check on the status of the router via SMS commands. To access the Diagnostics page, click on the Services menu item then select the SMS menu on the left and finally select Diagnostics beneath it.
Only accept authenticated SMS messages Enables or disables checking the sender’s phone number against the allowed sender white list for incoming diagnostics and command execution SMS messages. If authentication is enabled, the router will check if the sender’s number exists in the white list. If it exists, the router then checks the password (if configured) in the incoming message against the password in the white list for the corresponding sending number.
White List for diagnostic or execution SMS The white list is a list of mobile numbers that you can create which are considered “friendly” to the router. If Only accept authenticated SMS messages is enabled in the diagnostics section, the router will compare the mobile number of all incoming diagnostic and command messages against this white list to determine whether the diagnostic or command should be executed. You may optionally configure a password for each number to give an additional level of security.
Sending an SMS Diagnostic Command Follow the steps below to configure the router to optionally accept SMS diagnostic commands only from authenticated senders and learn how to send SMS diagnostic commands to the router. 1. Navigate to the Services > SMS messaging > Diagnostics page 2. Confirm that the Enable remote diagnostics and command execution toggle key is set to the ON position. If it is set to OFF click the toggle key to switch it to the ON position. 3.
SMS command format Generic Format for reading variables: get VARIABLE PASSWORD get VARIABLE Generic Format for writing to variables: set VARIABLE=VALUE PASSWORD set VARIABLE=VALUE Generic Format for executing a command: Execute COMMAND PASSWORD execute COMMAND Replies Upon receipt of a successfully formatted, authenticated (if required) command, the gateway will reply to the SMS in the following format: TYPE SMS CONTENTS get command “VARIABLE=VALUE” set command “Successfully set VARIABLE to VALUE” exe
A password (if required), only needs to be specified once per SMS, but can be prefixed to each command if desired. “PASSWORD get Variable1”; “get VARIABLE2” “PASSWORD set VARIABLE1=VALUE1”; “set VARIABLE2=VALUE2” If the command sent includes the “reboot” command and has already passed the white list password check, the device keeps this password and executes the remaining command line after the reboot with this same password.
List of get/set commands The following table is a partial list of get and set commands which may be performed via SMS. COMMAND NAME EXAMPLE get status get status Returns the Module firmware version, LAN IP Address, Network State, Network operator and RSSI. get sessionhistory get sessionhistory Returns the time and date of recent sessions along with the total amount of data sent and received for each session. set syslogserver set syslogserver=123.45.67.
get ledmode get ledmode Returns the status of the LED operation mode. set ledmode set ledmode=10 Sets the LED operation mode to be always on or to turn off after the specified number of minutes. get ssh.proto get ssh.proto Returns the SSH protocol in use. set ssh.proto set ssh.proto=1,2 Sets the SSH Protocol to protocol 1, 2 or both (1,2). get ssh.passauth get ssh.passauth Returns the status of the SSH Enable password authentication option. set ssh.passauth set ssh.
Network scan and manual network selection by SMS Performing a network scan The get plmnscan SMS command enables you to perform a scan of the cellular networks available at the time of the scan.
For example: set forceplmn=0 Sets the selection of operator and network type to automatic mode. set forceplmn=505,3 Sets the operator to a manual selection made by the user where “505” is the Mobile Country Code for Australia and “3” is the Mobile Network Code for Vodafone. As no network type (e.g. LTE/3G/2G) is specified, it is selected automatically.
Not required execute pdpup Required PASSWORD execute pdpup Not required get wanip; get rssi Required PASSWORD get wanip; get rssi Not required set ssh.genkeys=1; set username=test; set auth=pap Required PASSWORD set ssh.
Enable/disable password authentication on host Generate set of public/private keys on the host Clear client public keys stored on host Required PASSWORD set ssh.passauth=1 or PASSWORD set ssh.passauth=0 Not required execute ssh.genkeys Required PASSWORD execute ssh.genkeys Not required execute ssh.clearkeys Required PASSWORD execute ssh.clearkeys Table 36 - SMS diagnostics example commands www.netcommwireless.
System Log The Log pages are used to display or download the System log and IPSec logs on the router. System log The System Log enables you to troubleshoot any issues you may be experiencing with your NTC-140W Series router. To access the System Log page, click on the System menu. The System Log is displayed. Figure 113 - System log file Log file Use the Display level drop-down list to select a message level to be displayed. The message levels are described in the table below.
Enable the log to non-volatile memory option When the router is configured to log to non-volatile memory, the log data is stored in flash memory, making it accessible after a reboot of the router. Up to 512kb of log data will be stored before it is overwritten by new log data. Flash memory has a finite number of program-erase operations that it may perform to the blocks of memory.
IPSec log The IPSec log section provides the ability for you to download the log for the IPSec VPN function. This can assist in troubleshooting any problems you may have with the IPSec VPN. Figure 115 - IPSec log Use the Log level drop down list to specify the type of detail you want to capture in the log and then click the Save button. When you change the logging level, any active IPSec VPN tunnels will be disconnected as a change in logging level requires the IPSec service to be restarted.
System configuration Settings backup and restore The settings backup and restore page is used to backup or restore the router’s configuration or to reset it to factory defaults. In order to view the settings page you must be logged into the web user interface as root using the password admin.
Upload To access the Upload page, click on the System menu, then System Configuration and then Upload. The Upload page allows you to upload firmware files, HTTPS certificates or user created application packages to the NTC-140W Series router. When firmware files have been uploaded, they can also be installed from this page. PDF files, such as this user guide may also be uploaded for access on the router’s help page.
Figure 118 - File upload 6. Repeat steps 4 and 5 for the main system firmware image. 7. The uploaded firmware images are listed in the Uploaded files section. Click the Install link next to the recovery image to begin installing the recovery firmware image and then click OK on the confirmation window that appears. Figure 119 - Uploaded files 8.
9. Click the Install link to the right of the main firmware image you uploaded and then click OK to confirm that you want to continue with the installation. Note: Do not remove the power when the router’s LEDs are flashing as this is when the firmware update is in process. 10. The installation is complete when the countdown reaches zero. The router attempts to redirect you to the Status page. Figure 121 -– Installing main firmware image 11.
Administration Administration settings To access the Administration Settings page, click on the System menu then the Administration menu on the left and then click on Administration Settings. The Administration settings page is used to enable or disable protocols used for remote access and configure the passwords for the user accounts used to log in to the router. Figure 123 - Administration page www.netcommwireless.
OPTION DEFINITION Remote router access control Enable HTTP Enable or disable remote HTTP access to the router. You can also set the port you would like remote HTTP access to be available on. HTTP management port Enter a port number between 1 and 65534 to use when accessing the router remotely. Enable HTTPS Enable or disable remote HTTPS access to the router using a secure connection.
HTTPS key management What is HTTP Secure? HTTP Secure or HTTPS is the use of the HTTP protocol over an SSL/TLS protocol. It is used primarily to protect against eavesdropping of communication between a web browser and the web site to which it is connected. This is especially important when you wish to have a secure connection over a public network such as the internet. HTTPS connections are secured through the use of certificates issued by trusted certificate authorities such as VeriSign.
CODE COUNTRY CODE COUNTRY CODE COUNTRY CODE COUNTRY AX Åland Islands ER Eritrea LS Lesotho SA Saudi Arabia AD Andorra ES Spain LT Lithuania SB Solomon Islands AE United Arab Emirates ET Ethiopia LU Luxembourg SC Seychelles AF Afghanistan FI Finland LV Latvia SE Sweden AG Antigua and Barbuda FJ Fiji LY Libya SG Singapore AI Anguilla FK Falkland Islands (Malvinas) MA Morocco SH St.
3. When you have entered all the required details, press the Generate button. The certificate takes several minutes to generate. When the certificate has been generated, you are informed that it has been successfully generated and installed. The web server on the router restarts and you are logged out of the router. Click OK to be taken back to the login screen. Figure 125 - New certificate successfully generated message www.netcommwireless.
SSH key management Secure Shell (SSH) is UNIX-based command interface and network protocol used to gain secure access to a remote computer, execute commands on a remote machine or to transfer files between machines. It was designed as a replacement for Telnet and other insecure remote shell protocols which send information, including passwords, as plain text. SSH uses RSA public key cryptography for both connection and authentication.
Host key management SSH keys provide a means of identification using public key cryptography and challenge response authentication. This means that a secure connection can be established without transmitting a password, thereby greatly reducing the threat of someone eavesdropping and guessing the correct credentials. SSH Keys always come in pairs with one being a public key and the other a private key. The public key may be shared with any server to which you want to connect.
LED operation mode The 8 front LED indicators may be turned off after a timeout period for aesthetic or power saving reasons. To access the LED Operation Mode page, click the System menu, then Administration on the left and finally select LED Operation Mode. Figure 127 - LED Operation Mode The Mode drop down list sets the operation mode of the LEDs on the front panel of the router. To set the lights to operate at all times, set this to Always on.
Watchdogs To access the Watchdogs page, click the System menu item, then select the Watchdogs menu item on the left. Figure 128 - Watchdogs Settings Watchdogs are features which monitor the router for anomalies and restart the router if an anomaly occurs preventing its normal operation. When configured, the watchdogs feature transmits controlled ping packets to 1 or 2 user specified IP addresses to confirm an active connection.
The watchdog works as follows: a) The router sends 3 consecutive pings to the first destination address at the interval specified in the Periodic Ping timer field. b) If all 3 pings to the first destination address fail, the router sends 3 consecutive pings to the second destination address at the Periodic Ping timer interval. c) If all 3 pings to the second destination address fail, the router sends 3 pings to the first destination address using the Periodic Ping accelerated timer interval.
Configuring Periodic Ping settings The Periodic Ping settings configure the router to transmit controlled ping packets to 2 specified IP addresses. If the router does not receive responses to the pings, the router will reboot. To configure the ping watchdog: 1. In the First destination address field, enter a website address or IP address to which the router should send the first round of ping requests. 2.
Power management The Power management page provides you with an overview of the power profiles and the ability to configure them. Up to five power profiles may be configured and all of them may be active simultaneously. The Status column indicates whether the profile is active, while the Sleep mode and Wake mode columns summarise the method used to sleep or wake the modem.
Sleep settings Use the Sleep mode drop down list to select a condition under which the router should enter the sleep state. Sleep after timer When this mode is selected, the router will enter the sleep state after the number of minutes specified in the Sleep after field, regardless of the state of the ignition pin.
Wake settings Use the Wake mode drop down list to select a condition under which the router should return from the sleep state. Wake triggered by ignition pin This mode sets the router to wake up when the signal on the ignition pin reaches the specified value. Figure 135 - Wake up triggered by ignition pin Use the Wake up when ignition pin goes setting to select Low or High. By default, this is set to High.
USB-OTG The USB-OTG page displays the current status of the USB port, i.e. whether it is in Device mode or Host mode. By default, Automatic mode is set to ON, allowing the router to intelligently choose the correct mode. If you wish to manually override this selection, you can turn off Automatic mode and set Host or Device mode yourself. Figure 137 - USB-OTG configuration www.netcommwireless.
Storage The Storage page provides configuration options with relation to USB and SD storage devices. Storage device list The Storage devices list displays any connected storage devices and summarises the type, file system, size, used and available space on each device. Additionally, an eject button is provided to unmount the storage device so you can safely remove it. Figure 138 - Storage Network Samba storage settings Storage devices connected to the router can be shared using the Samba protocol.
Reboot The reboot option in the System section performs a soft reboot of the router. This can be useful if you have made configuration changes you want to implement. To reboot the router: 1. Click the System menu item from the top menu bar. 2. Click the Reboot button from the menu on the left side of the screen. Figure 139 - Reboot menu option 3. The router displays a warning that you are about to perform a reboot.
Appendix A: Tables Table 1 - Document Revision History ............................................................................................................................................... 2 Table 2 - Device Dimensions ............................................................................................................................................................ 7 Table 3 - LED Indicators ...................................................................................................
Appendix B: Default Settings The following tables list the default settings for the NTC-140W Series router. LAN (MANAGEMENT) Static IP Address: 192.168.1.1 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.1.
Restoring factory default settings Restoring factory defaults will reset the NTC-140W Series router to its factory default configuration. You may encounter a situation where you need to restore the factory defaults on your NTC-140W Series router such as: You have lost your username and password and are unable to login to the web configuration page; You are asked to perform a factory reset by support staff.
Appendix C: Recovery mode The NTC-140W Series Router features two independent operating systems, each with its own file systems. These two systems are referred to as 'Main' and 'Recovery'. It is always possible to use one in order to restore the other in the event that one system becomes damaged or corrupted (such as during a firmware upgrade failure). The recovery console provides limited functionality and is typically used to restore the main firmware image in the case of a problem.
Status The status page provides basic information such as the system up time, hardware and software router versions, the router’s serial number, the method used to trigger the recovery mode, the IP and MAC address of the router and the status of the Ethernet port. Figure 142 - Recovery mode - Status Log The log page displays the system log which is useful in troubleshooting problems which may have led to the router booting up in recovery mode.
Application Installer The Application installer is designed to upload and install main firmware images, upload recovery firmware images, custom applications and HTTPS certificates. Use the Browse button to select a file to be uploaded to the router. When it has been selected, press the Upload button. The file is sent to the router and when the transfer is complete, the file appears in the Uploaded files list. From the Uploaded files list, you are able to either Install or Delete a file.
Appendix D: HTTPS Uploading a self-signed certificate If you have your own self-signed certificate or one purchased elsewhere and signed by a Certificate Authority, you can upload it to the NTC-140W Series router using the Upload page. Note: Your key and certificate files must be named server.key and server.crt respectively otherwise they will not work. To upload your certificate: 1. Click on the System item from the top menu bar. From the side menu bar, select System Configuration and then Upload.
3. Click the Upload button to begin uploading it to the router. The file appears in the list of files stored on the router. Figure 149 - Server certificate file uploaded 4. Repeat steps 2 and 3 for the server key file. 5. Click the Install link next to the server.crt file then click OK on the prompt that is displayed. The certificate file is installed. Repeat this for the key file. When each file is installed it is removed from the list of stored files. Figure 150 - Installing the server.
Appendix E: RJ-45 connectors The RJ-45 connectors provide an interface for a data connection and for device input power using the pin layout shown below.
Appendix G: Input/Output Overview The NTC-140W series router is equipped with a 2 x 2 Molex connector providing a multipurpose input and output terminal as well as a dedicated ignition input.
Wiring Examples The following examples are shown as a guide as to what can be achieved by the I/O features. It is up to the system integrator to have enough knowledge about the interface to be able to achieve the required results. Note: NetComm Wireless does not offer any further advice on the external wiring requirements or wiring to particular sensors, and will not be responsible for any damage to the unit or any other device used in conjunction with it.
Digital inputs There are several ways to connect a digital input. A digital input can be anything from a simple switch to a digital waveform or pulses. The unit will read the voltage in as an analogue input and the software will decode it in a certain way depending on your configuration. Below is a contact closure type input, which is detecting an Earth. Pull up is activated for this to work. The following input detects an input going high. The turn on/off threshold can be set in the software.
Analogue Sensor with Voltage output There are various analogue sensors that connect directly to the unit which can provide a voltage output. These would require an external power source which may or may not be the same as the unit itself. The voltage range they provide can be between 0V and 30V. Some common sensor output ranges include 0V to 10V. The pull up resistor is not activated in this case. Analogue Sensor with 4 to 20mA output Another common type of sensor type is the 4-20mA current loop sensor.
System Example –Solar powered Router with battery backup The previous examples of wiring can be used to come up with a system. The following test case is an example of how the I/O’s can be used to enhance a simple router setup. www.netcommwireless.
Appendix H: Obtaining a list of RDB variables The RDB is a database of variables that contain settings on the router. You can retrieve (get) and set the values of these variables through the command-line or via SMS Diagnostics. To access a full list of the RDB variables, follow these steps: 1. Log in to the web user interface as described in the Advanced configuration section of this guide. 2. Click the System menu at the top of the screen, then select the Administration menu on the left.
Appendix I: Using USB devices and MicroSD cards The NTC-140W Series router features a Mini USB 2.0 OTG port capable of supplying 0.5A to connected devices and a microSD card slot allowing additional storage. The Mini USB port supports both USB storage devices as well as certain USB accessories, including USB-to-Ethernet adapters and USB-to-Serial cables. Accessing USB/SD card storage devices When a USB storage device or microSD card is inserted, the router automatically mounts the storage.
Technical Data The following tables list the hardware specifications of the NTC-140W Series routers.
Supports NMEA-0183 (v2.3) Redirect NMEA stream to serial for forward over IP Odometer reading available via Web-UI, CLI and SDK Operating Temperature Operating Temperature Range (Class A): -30ºC to +70ºC Operating Temperature Range (Class B)*: -40°C to +85°C *with performance deviation Power input Power input and I/O via 4 way Molex mini-fit connector DC Power (8 - 40V DC) 1x dedicated ignition input on 4 way connector Minimum power input rating of 6W via 4 way mini-fit connector.
Safety and product care RF Exposure Your device contains a transmitter and a receiver. When it is on, it receives and transmits RF energy. When you communicate with your device, the system handling your connection controls the power level at which your device transmits. This device meets the government’s requirements for exposure to radio waves.
The CE Marking is not a quality mark. Foremost, it refers to the safety rather than to the quality of the product. Secondly, CE Marking is mandatory for the product it applies to whereas most quality markings are voluntary. Marking: The product shall bear the CE mark, the notified body number(s) as depicted to the right. NOTE: To comply with the RF exposure requirements, this equipment must be operated with a minimum of 20 cm separation from the user.
IMPORTANT NOTE: IC radiation exposure statement: This equipment complies with IC RSS-102 radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum distance 20cm between the radiator and users body. Electrical safety Accessories Only use approved accessories. Do not connect with incompatible products or accessories. Connection to a car Seek professional advice when connecting a device interface to the vehicle electrical system.
Small children Do not leave your device and its accessories within the reach of small children or allow them to play with it. They could hurt themselves or others, or could accidentally damage the device. Your device contains small parts with sharp edges that may cause an injury or which could become detached and create a choking hazard.
Explosive environments Petrol stations and explosive atmospheres In locations with potentially explosive atmospheres, obey all posted signs to turn off wireless devices such as your device or other radio equipment. Areas with potentially explosive atmospheres include fuelling areas, below decks on boats, fuel or chemical transfer or storage facilities, areas where the air contains chemicals or particles, such as grain, dust, or metal powders.
Product Warranty For warranty information please visit http://www.netcommwireless.com/product/m2m/ntc-140w www.netcommwireless.
