Ursalink UR72 Industrial Cellular Router User Guide

UR72 User Guide
1
UR72 User Guide
Preface
Thanks for choosing Ursalink UR72 industrial cellular router. The UR72 industrial cellular router delivers
tenacious connection over network with full-featured design such as automated failover/failback,
extended operating temperature, dual SIM cards, hardware watchdog, VPN, Gigabit Ethernet and beyond.
This guide describes how to configure and operate the UR72 industrial cellular router. You can
refer to it for detailed functionality and router configuration.
Readers
This guide is mainly intended for the following users:
- Network Planners
- On-site technical support and maintenance personnel
- Network administrators responsible for network configuration and maintenance
© 2017 Xiamen Ursalink Technology Co., Ltd.
All rights reserved.
All information in this user guide is protected by copyright law. Whereby, no organization or individual
shall copy or reproduce the whole or part of this user guide by any means without written authorization
from Xiamen Ursalink Technology Co., Ltd.
Products Covered
This guide explains how to configure the following devices:
• Ursalink UR72 Industrial Cellular Router
Related Documents
Document
Ursalink UR72 Datasheet
Ursalink UR72 Quick Start Guide
Description
Datasheet for the Ursalink UR72 industrial
cellular router.
Quick Installation guide for the Ursalink UR72
series industrial cellular router.
Declaration of Conformity
UR72 is in conformity with the essential requirements and other relevant provisions of the CE, FCC, and
RoHS.
2
UR72 User Guide
For assistance, please contact
Ursalink technical support:
Email: support@ursalink.com
Tel.: 86-592-5023060
Fax: 86-592-5023065
Revision History
Date
Nov. 14, 2017
Doc Version
V.1.0.0
Description
Initial version
3
UR72 User Guide
Contents
Chapter 1 Product Introduction............................................................................................................................... 8
1.1 Overview..................................................................................................................................................... 8
1.2 Advantages..................................................................................................................................................8
1.3 Specifications............................................................................................................................................ 10
1.4 Dimensions (mm)......................................................................................................................................12
Chapter 2 Installation............................................................................................................................................. 13
2.1 General Packing List..................................................................................................................................13
2.2 Product Overview..................................................................................................................................... 14
2.3 LED Indicators........................................................................................................................................... 14
2.5 PIN Definition............................................................................................................................................15
2.6 Reset Button..............................................................................................................................................16
2.7 SIM Card Installation................................................................................................................................ 16
2.8 Micro SD card/ SSD Installation............................................................................................................... 17
2.8.1 Micro SD Card Installation.............................................................................................................17
2.8.2 SSD Installation..............................................................................................................................18
2.9 Antenna Installation................................................................................................................................. 18
2.10 Mounting the Router..............................................................................................................................19
2.11 Connect the Router to a Computer........................................................................................................19
2.12 Installation of Power Supply and Protective Grounding...................................................................... 20
2.12.1 Power Supply Installation........................................................................................................... 20
2.12.2 Protective Grounding Installation.............................................................................................. 20
Chapter 3 Access to Web GUI.................................................................................................................................21
3.1 PC Configuration for Web GUI Access to Router.....................................................................................21
3.2 Access to Web GUI of Router................................................................................................................... 22
Chapter 4 Web Configuration.................................................................................................................................24
4.1 Status.........................................................................................................................................................24
4.1.1 Overview........................................................................................................................................ 24
4.1.2 Cellular........................................................................................................................................... 24
4.1.3 Network......................................................................................................................................... 26
4.1.4 WLAN (Only Applicable to Wi-Fi Version).................................................................................... 27
4.1.5 VPN.................................................................................................................................................29
4.1.6 Routing Information...................................................................................................................... 30
4.1.7 Host List..........................................................................................................................................31
4.1.8 GPS................................................................................................................................................. 31
4.2 Network.....................................................................................................................................................32
4.2.1 Interface......................................................................................................................................... 32
4.2.1.1 Port......................................................................................................................................32
4.2.1.2 WAN.................................................................................................................................... 33
4.2.1.3 LAN...................................................................................................................................... 37
1. LAN Settings................................................................................................................................ 37
4.2.1.4. VLAN Settings.................................................................................................................... 37
4.2.1.5 WLAN (Only Applicable to Wi-Fi Version)......................................................................... 38
4
UR72 User Guide
4.2.1.6 Cellular................................................................................................................................ 40
4.2.1.7 Loopback.............................................................................................................................43
4.2.2 Firewall...........................................................................................................................................44
4.2.2.1 ACL.......................................................................................................................................44
4.2.2.2 DMZ.....................................................................................................................................45
4.2.2.3 Port Mapping......................................................................................................................46
4.2.2.4 MAC Binding....................................................................................................................... 47
4.2.3 QoS................................................................................................................................................. 47
4.2.3.1 QoS (Download/Upload)................................................................................................... 48
4.2.4 DHCP...............................................................................................................................................49
4.2.4.1 DHCP Server........................................................................................................................49
4.2.4.2 DHCP Relay......................................................................................................................... 50
4.2.5 DDNS.............................................................................................................................................. 51
4.2.6 Link Failover................................................................................................................................... 52
4.2.6.1 SLA.......................................................................................................................................52
4.2.6.2 Track.................................................................................................................................... 53
4.2.6.3 VRRP....................................................................................................................................54
4.2.6.4 WAN Failover...................................................................................................................... 56
4.2.7 Routing........................................................................................................................................... 57
4.2.7.1 Static Routing......................................................................................................................57
4.2.7.2 RIP....................................................................................................................................... 58
4.2.7.3 OSPF.................................................................................................................................... 62
4.2.7.4 Routing Filtering................................................................................................................. 67
4.2.8 VPN.................................................................................................................................................67
4.2.8.1 DMVPN................................................................................................................................68
4.2.8.2 IPSec.................................................................................................................................... 69
4.2.8.3 GRE...................................................................................................................................... 72
4.2.8.4 L2TP.....................................................................................................................................73
4.2.8.5 PPTP.................................................................................................................................... 76
4.2.8.6 OpenVPN Client..................................................................................................................78
4.2.8.7 OpenVPN Server.................................................................................................................80
4.2.8.8 Certifications.......................................................................................................................82
4.3 System....................................................................................................................................................... 83
4.3.1 General Settings.............................................................................................................................83
4.3.1.1 General................................................................................................................................83
4.3.1.2 Account Management........................................................................................................85
4.3.1.3 System Time........................................................................................................................85
4.3.1.4 SMTP................................................................................................................................... 87
4.3.1.5 Phone.................................................................................................................................. 88
4.3.1.6 Storage................................................................................................................................ 89
4.3.2 User Management......................................................................................................................... 90
4.3.3 SNMP..............................................................................................................................................90
4.3.3.1 SNMP...................................................................................................................................91
4.3.3.2 MIB View.............................................................................................................................91
5
UR72 User Guide
4.3.3.3 VACM...................................................................................................................................92
4.3.3.4 Trap..................................................................................................................................... 93
4.3.3.5 MIB......................................................................................................................................93
4.3.4 AAA.........................................................................................................................................................94
4.3.4.1 Radius..................................................................................................................................94
4.3.4.2 TACACS+.............................................................................................................................. 94
4.3.4.3 LDAP.................................................................................................................................... 95
4.3.4.4 Authentication....................................................................................................................96
4.3.5 Device Management..................................................................................................................... 97
4.3.6 Events............................................................................................................................................. 97
4.3.6.1 Events..................................................................................................................................97
4.3.6.2 Events Settings....................................................................................................................98
4.4 Industrial Interface................................................................................................................................... 99
4.4.1 I/O................................................................................................................................................ 100
4.4.1.1 DI....................................................................................................................................... 100
4.4.1.2 DO..................................................................................................................................... 102
4.4.2 Serial Port.....................................................................................................................................102
4.4.3 Modbus TCP................................................................................................................................. 105
4.4.3.1 Modbus TCP......................................................................................................................106
4.4.4 Modbus Master........................................................................................................................... 106
4.4.4.1 Modbus Master................................................................................................................ 106
4.4.4.2 Channel............................................................................................................................. 107
4.4.5 GPS............................................................................................................................................... 110
4.4.5.1 GPS.................................................................................................................................... 110
4.4.5.2 GPS IP Forwarding............................................................................................................ 110
4.4.5.3 GPS Serial Forwarding......................................................................................................111
4.5 Maintenance........................................................................................................................................... 112
4.5.1 Tools............................................................................................................................................. 112
4.5.1.1 Ping....................................................................................................................................112
4.5.1.2 Traceroute.........................................................................................................................113
4.5.2 Schedule.......................................................................................................................................114
4.5.3 Log................................................................................................................................................ 114
4.5.3.1 System Log........................................................................................................................ 114
4.5.3.2 Log Settings.......................................................................................................................115
4.5.4 Upgrade........................................................................................................................................116
4.5.5 Backup and Restore.....................................................................................................................117
4.5.6 Reboot..........................................................................................................................................118
4.6 APP.......................................................................................................................................................... 118
4.6.1 Python..........................................................................................................................................118
4.6.1.1 Python...............................................................................................................................119
4.6.1.2 App Manager Configuration............................................................................................ 120
4.6.1.3 Python App....................................................................................................................... 120
Chapter 5 Application Examples.......................................................................................................................... 122
5.1 Account Info Management.....................................................................................................................122
6
UR72 User Guide
5.2 Common User Management.................................................................................................................. 122
5.3 System Time Management.....................................................................................................................123
5.4 Backup and Restore Configuration........................................................................................................ 125
5.5 Restore Factory Defaults........................................................................................................................ 126
5.5.1 Via Web Interface........................................................................................................................ 126
5.5.2 Via Hardware............................................................................................................................... 127
5.6 Firmware Upgrade.................................................................................................................................. 128
5.7 Events Application Example................................................................................................................... 130
5.8 Schedule Application Example...............................................................................................................131
5.9 Logs and Diagnostics...............................................................................................................................132
5.10 SNMP Application Example..................................................................................................................133
5.11 LAN Management................................................................................................................................. 136
5.12 Network Connection............................................................................................................................ 137
5.12.1 Cellular Connection................................................................................................................... 137
5.12.2 Ethernet WAN Connection........................................................................................................139
5.13 WAN Failover/Backup Application Example....................................................................................... 142
5.13.1 Dual SIM Backup........................................................................................................................142
5.13.2 WAN Failover............................................................................................................................. 144
5.14 Wi-Fi Application Example (Only Applicable to Wi-Fi Version)..........................................................148
5.14.1 AP Mode.................................................................................................................................... 148
5.14.2 Client Mode............................................................................................................................... 149
5.15 VRRP Application Example...................................................................................................................151
5.16 Static Routing Application Example.....................................................................................................156
5.17 Dynamic Routing Application Example............................................................................................... 157
5.18 NAT Application Example..................................................................................................................... 160
5.19 Access Control Application Example....................................................................................................160
5.20 QoS Application Example..................................................................................................................... 161
5.21 DTU Application Example.....................................................................................................................162
5.22 PPTP Application Example................................................................................................................... 166
7
UR72 User Guide
Chapter 1 Product Introduction
1.1 Overview
Ursalink UR72 is an industrial cellular router with embedded intelligent software features that are
designed for multifarious M2M/IoT applications. Supporting global WCDMA and 4G LTE, UR72 provides
drop-in connectivity for operators and makes a giant leap in maximizing uptime.
Adopting high-performance and low-power consumption industrial platform of 64-bit CPU and wireless
module, the UR72 is capable of providing wire-speed network with a typical 2.9 W power consumption
and ultra-small package to ensure the extremely safe and reliable connection to the wireless network.
Meanwhile, the UR72 also supports Gigabit Ethernet ports, serial port (RS232/RS485) and I/O
(input/output), which enables you to scale up M2M application combining data and video in limited time
and budget.
The UR72 is particularly ideal for smart grid, digital media installations, industrial automation, telemetry
equipment, medical device, digital factory, finance, payment device, environment protection, water
conservancy and so on.
Figure 1-1
1.2 Advantages
Benefits
-
Built-in industrial strong CPU, big memory; SSD/Micro SD card is available to support further
development and customized requirements
-
Gigabit Ethernet is applied to all models of Ursalink routers for lightning transmission of data
-
Dual SIM cards for backup between multiple carriers networking and global 3G/LTE options make it
easy to get connected
-
Embed Ursalink SDK (Python 2.7/C) for secondary development
-
Flexible modular design provides users with different connection modules like Ethernet, I/O, serial
port, Wi-Fi, GPS for connecting diverse field assets
-
Rugged enclosure, optimized for DIN rail or shelf mounting
-
3-year warranty included
8
UR72 User Guide
Security & Reliability
-
Automated failover/failback between Ethernet and Cellular (dual SIM)
-
Enable unit with security frameworks like IPsec/OpenVPN/GRE/L2TP/PPTP/ DMVPN
-
Embed hardware watchdog, able to automatically recover from various failure, ensure highest level of
availability
-
Establish a secured mechanism on centralized authentication and authorization of device access by
supporting AAA (TACACS+, Radius, LDAP, local authentication) and multiple levels of user authority
Easy Maintenance
-
Ursalink Device Management Platform provides easy setup, mass configuration, and centralized
management of remote devices
-
The user-friendly web interface design and more than one option of upgrade help administrator to
manage the device as easy as pie
-
WEB GUI and CLI enable the admin to achieve simple management and quick configuration among a
large quantity of devices
-
Efficiently manage the remote routers on the existing platform through the industrial standard SNMP
Capabilities
-
Link remote devices in an environment where communication technologies are constantly changing
-
Industrial 64-bit ARM Cortex-A53 processor, high-performance operating up to 800MHz with low
power consumption below 1W, and 256 MB memory available to support more applications
-
Support max. 512GB SSD interface
-
Support rich protocols like SNMP, MQTT, Modbus bridging, RIP, OSPF
-
Support wide operating temperature ranging from -40°C to 70°C/-40°F to 158°F
9
UR72 User Guide
1.3 Specifications
Cellular Interfaces
Connectors
2 × 50 Ω SMA (Center pin: female)
SIM Slots
2
Wi-Fi Interface (Optional)
Connectors
2 × 50 Ω SMA (Center pin: female)
Standards
IEEE 802.11a/b/g/n (optional: IEEE 802.11ac)
Tx Power
802.11a: 12dBm ± 2dBm@54Mbps
802.11b: 15dBm ± 2dBm@11Mbp
802.11g: 13dBm ± 2dBm@54Mbps
802.11gn HT20: 12dBm ± 2dBm@MCS7
802.11gn HT40: 11dBm ± 2dBm@MCS7
802.11an HT20: 11dBm ± 2dBm@MCS7
802.11an HT40: 10dBm ± 2dBm@MCS7
802.11ac(HT80): 4dBm ± 2dBm@MCS9
Rx Sensitivity
802.11a: ≤ -65dBm@54Mbps
802.11b: ≤ -76dBm@11Mbps
802.11g: ≤ -65dBm@54Mbps
802.11gn HT20: ≤ -64dBm@MCS7
802.11gn HT40: ≤ -61dBm@MCS7
802.11an HT20: ≤ -64dBm@MCS7
802.11an HT40: ≤ -61dBm@MCS7
802.11ac (HT80): ≤ -51dBm@MCS9
Modes
Access point, support for multiple SSID, support AP and Client
mode
Security
WPA/WPA2 authentication, WEP/TKIP/AES encryption
Hardware System
CPU
800MHz, 64-bit ARM Cortex-A53
Memory
64 MB Flash, 256 MB DDR3 RAM
Storage
1 × Micro SD, 1 × M.2 slot supports SATA M.2 SSD (22 x 42 mm) up to
512 GB
Ethernet
Ports
2 × RJ-45
Physical Layer
10/100/1000 Base-T (IEEE 802.3)
10
UR72 User Guide
Data Rate
10/100/1000 Mbps (auto-sensing)
Interface
Auto MDI/MDIX
Mode
Serial Interface
Full or half duplex (auto-sensing)
Ports
1 × RS232 + 1 × RS485 or 2 × RS232 or 2 × RS485
Connector
Terminal block
Baud Rate
300bps to 230400bps
IO
Connector
(4) pin screw down terminal block
Digital
2 × DI + 2 × DO
Software
Network Protocols
PPP, PPPoE, SNMP v1/v2c/v3, TCP, UDP, DHCP, RIPv1/v2, OSPF, DDNS,
VRRP, HTTP, HTTPS, DNS, ARP, QOS, SNTP, Telnet, VLAN, SSH, etc.
VPN Tunnel
DMVPN/IPsec/OpenVPN/PPTP/L2TP/GRE
Access Authentication
CHAP/PAP/MS-CHAP/MS-CHAPV2
Firewall
ACL/DMZ/Port Mapping/MAC Binding
Management
Web, CLI, SMS, On-demand dial up
AAA
Radius, TACACS+, LDAP, Local Authentication
Multilevel Authority
Multiple levels of user authority
Reliability
VRRP, WAN Failover, Dual SIM Backup
Serial Port
Transparent (TCP Client/Server, UDP), Modbus Gateway (Modbus RTU
to Modbus TCP)
Power Supply and Consumption
Connector
2-pin with 5.08 mm terminal block
Input Voltage
9-48 VDC
Power Consumption
Physical Characteristics
Typical 2.6 W (Max 4.5 W)
Ingress Protection
IP30
Housing & Weight
Metal, 471 g (1.04 lb)
Dimensions
132 x 103.8 x 45 mm (5.20 x 4.09 x 1.77 in)
Mounting
Desktop, wall or DIN rail mounting
Others
Reset Button
1 × RESET
LED Indicators
1 × POWER, 1 × WLAN, 1 × STATUS, 1 × VPN,
11
UR72 User Guide
1 × SIM1, 1 × SIM2, 3 × Signal strength
Built-in
Watchdog, RTC, Timer
Certifications
RoHS, CE, FCC
IEC 61000-4-2 Level 3
IEC 61000-4-3 Level 4
IEC 61000-4-4 Level 3
IEC 61000-4-5 Level 4
IEC 61000-4-6 Level 3
IEC 61000-4-8 Level 4
EMC
Environmental
Operating Temperature
-40°C to +70°C (-40°F to +158°F) Reduced cellular performance above
60°C
Storage Temperature
-40°C to +85°C (-40°F to +185°F)
Ethernet Isolation
1.5 kV RMS
Relative Humidity
0% to 95% (non-condensing) at 25°C/77°F
1.4 Dimensions (mm)
Figure 1-2
12
UR72 User Guide
Chapter 2 Installation
2.1 General Packing List
Before you begin to install the UR72 router, please check the package contents to verify that you have
received the items below.
1 × UR72 Router
1 × Ethernet Cable
1 × Power Adapter
2 × SIM Card Slots
1 × Quick Start Guide
1 × 2-PIN Pluggable
Terminal
1 × 10-PIN
Pluggable Terminal
1 × Warranty Card
2 × Magnetic Mount
Cellular Antennas
(Default)
2 × Stubby Cellular
Antennas (Optional)
2 × Stubby Wi-Fi
Antennas (Optional)
1 × DIN Rail Kit
(Default)
2 × Rack Mount
Kits (Optional)
1 × GPS Antenna
1 × Wall Mounting
Bracket (Optional)
If any of the above items is missing or damaged, please contact your Ursalink sales
representative.
13
UR72 User Guide
2.2 Product Overview
A. Front Panel
1
2
3
4
5
6
7
8
9
Main Cellular Antenna Connector
Reset Button
LED Indicator Area
POWER: Power Indicator
STATUS: Status Indicator
WLAN: Wi-Fi Indicator
VPN: VPN Indicator
SIM 1: SIM 1 Status Indicator
SIM 2: SIM 2 Status Indicator
: Signal Strength Indicator
Ethernet Port Indicator
Orange for data transmission;
Green for network rate
AUX Cellular Antenna
WLAN 2: Wi-Fi Antenna Connector 2
Serial Port & I/O
GPS Antenna Connector
WLAN 1: Wi-Fi Antenna Connector 1
B. Left Side Panel
① SIM Card Slot
② Power Connector
③ Grounding Stud
2.3 LED Indicators
LED
POWER
STATUS
VPN
Indication
Power
Status
Status
On
Off
System
Status
Green Light
VPN
Red Light
Green Light
Description
The power is switched on
The power is switched off
Static: Start-up
Blinking slowly: the system is running properly
The system goes wrong
VPN is connected
14
UR72 User Guide
WLAN
(Wi-Fi)
Status
Off
WLAN
Status
Green Light
Off
Off
SIM1/SIM
2
SIM Card
Status
Green Light
Off
Signal
Strength
Signal
1/2/3
Green Light
VPN is disconnected
Static: Wi-Fi is enabled
Blinking slowly: sending or receiving data via Wi-Fi
Wi-Fi is disabled
SIM1 or SIM2 is registering or fails to register (or there are no
SIM cards inserted)
Blinking slowly: SIM1 or SIM2 has been registered and is
ready for dial-up
Blinking rapidly: SIM1 or SIM2 has been registered and is
dialing up now
Static: SIM1 or SIM2 has been registered and dialed up
successfully
No signal
Static/Off/Off: weak signal with 1-10 ASU (please check if the
antenna is installed correctly or move the antenna to a
suitable location to get better signal)
Static/Static/Off: normal signal with 11-20 ASU. (average
signal strength)
Static/Static/Static: strong signal with 21-31 ASU (signal is
good)
2.4 Ethernet Port Indicators
Indicator
Link Indicator (Orange)
Rate Indicator (Green)
Status
On
Blinking
Off
On
Off
Description
Connected
Transmitting data
Disconnected
1000 Mbps mode
100 Mbps mode
2.5 PIN Definition
15
UR72 User Guide
PIN
1
2
3
4
5
6
7
8
9
10
RS232
TXD
RXD
----GND
-----------
RS485
----A
B
-------------
DI
--------GND
IN1
IN2
-------
PIN
11
12
DO
--------------OUT1
OUT2
COM
Description
Transmit Data
Receive Data
Data +
Data Ground
Digital Input1
Digital Input2
Digital Output1
Digital Output2
Common Ground
Description
Positive
Negative
2.6 Reset Button
Function
Reboot
Reset
Description
STATUS LED
Action
Blinking
Press and hold the reset button for about 5-15 seconds.
Static Green
Release the button and wait for system to reboot.
Blinking
Press and hold the reset button for more than 15 seconds.
Static Green →
Rapidly Blinking
Release the button and wait.
Off → Blinking
The router is now reset to factory defaults.
2.7 SIM Card Installation
A. Push the yellow button on left panel of the router, and then you will see the SIM card slot popping out
directly.
16
UR72 User Guide
B. Put SIM card onto the slot, and then insert the slot back into the hole.
2.8 Micro SD card/ SSD Installation
2.8.1 Micro SD Card Installation
A. Unscrew the cover on left panel
B. Insert Micro SD card.
of the router and then take it off.
C. Close the cover and screw it back to the router.
17
UR72 User Guide
2.8.2 SSD Installation
Before installing SSD, please turn off the power.
A. Unscrew the enclosure, and then remove the cover.
B. Unscrew the main-board, find the interface on the rear side of the main-board and then insert SSD.
C. Screw the main-board on the cabinet and close the cover.
2.9 Antenna Installation
A. Rotate the antenna into the antenna connector accordingly.
The external cellular antenna should be installed vertically always on a site with a good cellular
signal.
18
UR72 User Guide
Note: UR72 router supports dual antennas with “Main” and “AUX” connectors. “Main” interface is for
data receiving and transmission. “AUX” interface is for enhancing signal strength, which cannot be used
separately.
2.10 Mounting the Router
The router can be placed on a desktop or mounted to a wall or a DIN rail.
2.10.1 Wall Mounting (Measured in mm)
Use 2 pcs of M3×6 flat head Phillips screws to fix the wall mounting kit to the router, and then use 2 pcs of
M3 drywall screws to mount the router associated with the wall mounting kit on the wall.
Recommended torque for mounting is 1.0 N. m, and the maximum allowed is 1.2 N.m.
2.10.2 DIN Rail Mounting (Measured in mm)
Use 2 pcs of M3×6 flat head Phillips screws to fix the DIN rail to the router, and then hang the DIN rail on
the mounting bracket. It is necessary to choose a standard bracket.
Recommended torque for mounting is 1.0 N. m, and the maximum allowed is 1.2 N.m.
2.11 Connect the Router to a Computer
Please connect PC to any port among GE 1 of UR72 router with Ethernet cable directly.
19
UR72 User Guide
2.12 Installation of Power Supply and Protective Grounding
2.12.1 Power Supply Installation
A. Take out the terminal from the router and unscrew the bolt on terminal.
B. Screw down the bolt after inserting power cable into the terminal.
Connecting the Power Cable
Color
Red
Yellow
Polarity
+
-
If you insert wires into the reverse holes, the router will not start and you must switch the wires
into the correct holes.
2.12.2 Protective Grounding Installation
1.
Remove the grounding nut.
2.
Connect the grounding ring of the cabinet’s grounding wire onto the grounding stud and screw up
the grounding nut.
The router must be grounded when deployed. According to operating environment, the ground
wire should be connected with grounding stud of router
2.13 Examine
1.
Double check antenna connection.
2.
Double check if SIM card is inserted and become available.
3.
Power on the UR72 industrial cellular router and check indicators status.
(1) If Status LED blinks slowly, the system is running properly.
(2) If SIM1 or SIM2 indicator is static green, the router is connected to network already.
20
UR72 User Guide
Chapter 3 Access to Web GUI
This chapter explains how to access to Web GUI of the UR72 router.
3.1 PC Configuration for Web GUI Access to Router
Please connect PC to any port among GE 1 of UR72 router directly. PC can obtain an IP address, or you can
configure a static IP address manually.
The following steps are based on Windows 10 operating system for your reference.
(Note: as remote access is disabled by default, you can't access to the router's Web GUI when you
connect PC to GE 0 of the router. But it will function properly if you enable it on the Web GUI.)
①Click "Search Box" to search "Control Panel" on
the Windows 10 taskbar.
③ Click "Ethernet" (May have different name).
② Click “Control Panel” to open it, and then
click “View network status and tasks”.
④ Click "Properties".
21
UR72 User Guide
⑤ Double Click "Internet
⑥ Method 1: click "Obtain an IP
Protocol Version 4 (TCP/IPv4)"
address automatically";
to configure IP address and
DNS server.
Method 2: click "Use the following
IP address" to assign a static IP
manually within the same subnet of
the router.
(Note: remember to click “OK” to finish configuration.)
3.2 Access to Web GUI of Router
Ursalink router provides Web-based configuration interface for management. If this is the first time you
configure the router, please use the default settings below.
Username: admin
Password: password
IP Address: 192.168.1.1
DHCP Server: Enabled
1.
Start a Web browser on your PC (Chrome and IE are recommended), type in the IP address, and press
Enter on your keyboard.
2.
Enter the username, password, and click "Login".
22
UR72 User Guide
If the SIM card is connected to cellular network with public IP address, you can access WEB GUI remotely
via the public IP address when remote access is enabled.
If you enter the username or password incorrectly more than 5 times, the login page will be
locked for 10 minutes.
3.
When you login with the default username and password, you will be asked to modify the password.
It’s suggested that you change the password for the sake of security. Click "Cancel" button if you
want to modify it later.
4.
After you login the Web GUI, you can view system information and perform configuration on the
router.
23
UR72 User Guide
Chapter 4 Web Configuration
4.1 Status
4.1.1 Overview
You can view the system information of the router on this page.
Figure 4-1-1-1
Item
Model
Serial Number
Firmware Version
Hardware Version
Local Time
Uptime
CPU Load
RAM (Capacity/Available)
Flash (Capacity/Available)
System Information
Description
Show the model name of router.
Show the serial number of router.
Show the currently firmware version of router.
Show the currently hardware version of router.
Show the currently local time of system.
Show the information on how long the router has been
running.
Show the current CPU utilization of the router.
Show the RAM capacity and the available RAM memory.
Show the Flash capacity and the available Flash memory.
Table 4-1-1-1 System Information
4.1.2 Cellular
You can view the cellular network status of router on this page.
24
UR72 User Guide
Figure 4-1-2-1
Modem Information
Item
Status
Model
Current SIM
Signal Level
Register Status
IMSI
ICCID
ISP
Network Type
PLMN ID
LAC
Cell ID
IMEI
Description
Show corresponding detection status of module and SIM card.
Show the model name of cellular module.
Show the current SIM card used.
Show the cellular signal level.
Show the registration status of SIM card.
Show IMSI of the SIM card.
Show ICCID of the SIM card.
Show the network provider which the SIM card registers on.
Show the connected network type, such as LTE, 3G, etc.
Show the current PLMN ID, including MCC, MNC, LAC and Cell ID.
Show the location area code of the SIM card.
Show the Cell ID of the SIM card location.
Show the IMEI of the module.
Table 4-1-2-1 Modem Information
25
UR72 User Guide
Figure 4-1-2-2
Network Status
Item
Status
IP Address
Netmask
Gateway
DNS
Connection Duration
Description
Show the connection status of cellular network.
Show the IP address of cellular network.
Show the netmask of cellular network.
Show the gateway of cellular network.
Show the DNS of cellular network.
Show information on how long the cellular network has been
connected.
Table 4-1-2-2 Network Status
4.1.3 Network
On this page you can check the WAN and LAN status of the router.
Figure 4-1-3-1
WAN Status
Item
Port
Status
Type
IP Address
Description
Show the name of WAN port.
Show the status of WAN port. "up" refers to a status that WAN
is enabled and Ethernet cable is connected. "down" means
Ethernet cable is disconnected or WAN function is disabled.
Show the dial-up connection type of WAN port.
Show the IP address of WAN port.
26
UR72 User Guide
Netmask
Gateway
DNS
Connection Duration
Show the netmask of WAN port.
Show the gateway of WAN port.
Show the DNS of WAN port.
Show the information on how long the Ethernet cable has been
connected on WAN port when WAN function is enabled. Once
WAN function is disabled or Ethernet connection is
disconnected, the duration will stop.
Table 4-1-3-1 WAN Status
Figure 4-1-3-2
LAN Status
Item
Port
VLAN ID
IP Address
Netmask
MTU
Description
Show the name of LAN port.
Show the label ID of the VLAN.
Show the LAN port's IP address.
Show the LAN port's netmask.
Show the maximum transmission unit of LAN port.
Table 4-1-3-2 LAN Status
4.1.4 WLAN (Only Applicable to Wi-Fi Version)
You can check Wi-Fi status on this page, including the information of access point and client.
Figure 4-1-4-1
27
UR72 User Guide
WLAN Status
Item
Wireless Status
MAC Address
Interface Type
SSID
Channel
Authentication Type
Encryption Type
Status
IP Address
Netmask
Gateway
Connection Duration
Description
Show the wireless status.
Show the MAC address.
Show the interface type, such as "AP" or “Client".
Show the SSID.
Show the wireless channel.
Show the authentication type.
Show the encryption type.
Show the connection status.
Show the IP address of the router.
Show the wireless MAC address of the router.
Show the gateway address in wireless network.
Show information on how long the Wi-Fi network has been
connected.
Table 4-1-4-1 WLAN Status
Figure 4-1-4-2
Associated Stations
Item
IP Address
MAC Address
Signal
RX Packets
Receive Rate
TX Packets
Send Rate
Connection Duration
Description
Show the IP address of access point or client.
Show the MAC address of the access point or client.
Show the wireless signal.
Show the packets size of received data.
Show the receive rate of data.
Show the packets size of transmitted data.
Show the send rate of data.
Show information on how long the Wi-Fi network has been
connected.
Table 4-1-4-2 WLAN Status
28
UR72 User Guide
4.1.5 VPN
You can check VPN status on this page, including PPTP, L2TP, IPsec, OpenVPN and DMVPN.
Figure 4-1-5-1
Figure 4-1-5-2
29
UR72 User Guide
Figure 4-1-5-3
VPN Status
Item
Name
Status
Local IP
Remote IP
Description
Show the name of the VPN tunnel.
Show the status of the VPN tunnel.
Show the local tunnel IP of VPN tunnel.
Show the remote tunnel IP of VPN tunnel.
Table 4-1-5-1 VPN Status
4.1.6 Routing Information
You can check routing status on this page, including the routing table and ARP cache.
Figure 4-1-6-1
30
UR72 User Guide
Item
Routing Table
Destination
Netmask
Gateway
Interface
Metric
ARP Cache
IP
MAC
Interface
Description
Show the IP address of destination host or destination
network.
Show the netmask of destination host or destination network.
Show the IP address of the gateway.
Show the outbound interface of the route.
Show the metric of the route.
Show the IP address of ARP pool.
Show the IP address's corresponding MAC address.
Show the binding interface of ARP.
Table 4-1-6-1 Routing Information
4.1.7 Host List
You can view the host information on this page.
Figure 4-1-7-1
Host List
Item
DHCP Leases
IP Address
MAC Address
Lease Time Remaining
MAC Binding
IP & MAC
Description
Show IP address of DHCP client
Show MAC address of DHCP client
Show the remaining lease time of DHCP client.
Show the IP address and MAC address set in the Static IP list of
DHCP service.
Table 4-1-7-1 Host List Description
4.1.8 GPS
When GPS function is enabled and the GPS information is obtained successfully, you can view the latest
GPS information including GPS Time, Latitude, Longitude and Speed on this page.
31
UR72 User Guide
Figure 4-1-8-1
GPS Status
Item
Time for Locating
Latitude
Longitude
Speed
Description
Show the time for locating.
Show the Latitude of the location.
Show the Longitude of the location.
Show the speed of movement.
Table 4-1-8-1 GPS Description
4.2 Network
4.2.1 Interface
4.2.1.1 Port
This section describes how to configure the Ethernet port parameters.
TThe UR72 cellular router supports 2 Gigabit Ethernet ports, named GE 0 and GE 1.
Definition of the 2 Ethernet ports is listed below.
Port
Definition
Default IP Address
GE 0
WAN
192.168.0.1
GE 1
LAN
192.168.1.1
Table 4-2-1-2 Definition of 2 Ethernet Ports
Figure 4-2-1-1
Port Setting
Item
Port
Status
Property
Description
Users can define the Ethernet ports according to their needs.
Set the status of Ethernet port; select "up" to enable and "down" to disable.
GE 0 port's type is WAN, and GE 1 is LAN. User cannot change this setting.
32
UR72 User Guide
Speed
Duplex
Set the Ethernet port's speed. The options are "auto", "1000 Mbps", "100
Mbps", and "10 Mbps".
Set the Ethernet port's mode. The options are "auto", "full", and "half".
Table 4-2-1-3 Port Parameters
4.2.1.2 WAN
WAN port can be connected with Ethernet cable to get Internet access. It supports 3 connection types.
- Static IP: configure IP address, netmask and gateway for Ethernet WAN interface.
- DHCP Client: configure Ethernet WAN interface as DHCP Client to obtain IP address automatically.
- PPPoE: configure Ethernet WAN interface as PPPoE Client.
Figure 4-2-1-2
WAN Setting
Item
Enable
Port
Connection
Type
MTU
Primary DNS
Server
Secondary DNS
Server
Enable NAT
Description
Enable WAN function
The port that is currently set as WAN port.
Default
Enable
GE 0
Select from "Static IP", "DHCP Client" and "PPPoE".
Static IP
Set the maximum transmission unit.
1500
Set the primary DNS.
Null
Set the secondary DNS.
Null
Enable or disable NAT function. When enabled, a
private IP can be translated to a public IP.
Enable
Table 4-2-1-4 WAN Parameters
33
UR72 User Guide
1. Static IP Configuration
If the external network assigns a fixed IP for the WAN interface, user can select “Static IP” mode.
Figure 4-2-1-3
Static IP
Item
IP Address
Netmask
Gateway
Multiple IP
Address
Description
Set the IP address which can access Internet. E.g.
192.168.1.2.
Set the Netmask for WAN port.
Set the gateway's IP address for WAN port.
Default
Set the multiple IP addresses for WAN port.
Null
192.168.0.1
255.255.255.0
192.168.0.2
Table 4-2-1-5 Static Parameters
2. DHCP Client
If the external network has DHCP server enabled and has assigned IP addresses to the Ethernet WAN
interface, user can select “DHCP client” mode to obtain IP address automatically.
34
UR72 User Guide
Figure 4-2-1-4
DHCP Client
Item
Use Peer DNS
Description
Obtain peer DNS automatically during PPP dialing. DNS is
necessary when visiting domain name.
Table 4-2-1-6 DHCP Client Parameter
3. PPPoE
PPPoE refers to a point to point protocol over Ethernet. User has to install a PPPoE client on the basis of
original connection way. With PPPoE, remote access devices can get control of each user.
35
UR72 User Guide
Figure 4-2-1-5
PPPoE
Item
Username
Password
Link Detection
Interval (s)
Max Retries
Use Peer DNS
Description
Enter the username provided by your Internet Service Provider (ISP).
Enter the password provided by your Internet Service Provider (ISP).
Set the heartbeat interval for link detection. Range: 1-600.
Set the maximum retry times after it fails to dial up. Range: 0-9.
Obtain peer DNS automatically during PPP dialing. DNS is necessary
when visiting domain name.
Table 4-2-1-7 PPoE Parameters
Related Configuration Example
Ethernet WAN Connection
36
UR72 User Guide
4.2.1.3 LAN
1. LAN Settings
LAN setting is used for managing local area network devices which are connected to LAN ports of the
UR72, allowing each of them to access the Internet.
Click
to delete the existing LAN port setting. Click
to add a new LAN port.
Figure 4-2-1-6
LAN
Item
Name
VLAN ID
IP Address
Netmask
MTU
Description
Set interface name of VLAN.
Select VLAN ID of the interface.
Set IP address of LAN port.
Set Netmask of LAN port.
Set the maximum transmission unit of LAN port.
Range: 68-1500.
Default
GE1
1
192.168.1.1
255.255.255.0
1500
Table 4-2-1-8 VLAN Parameters
Related Configuration Example
LAN Management
4.2.1.4. VLAN Settings
VLAN is a kind of new data exchange technology that realizes virtual work groups by logically dividing the
LAN device into network segments.
Client
to delete the current VLAN setting. Click
to add a new VLAN port.
Figure 4-2-1-7
37
UR72 User Guide
VLAN Trunk
Item
Enable
Interface
VID
IP Address
Netmask
Description
The router can encapsulate or decapsulate the virtual LAN tag
when this function is enabled.
Select the VLAN interface from the LAN ports.
Set the label ID of the VLAN. Range: 1-4094.
Set VLAN port's IP address.
Set VLAN port's netmask.
Table 4-2-1-9 VLAN Parameters
4.2.1.5 WLAN (Only Applicable to Wi-Fi Version)
This section explains how to set the related parameters for Wi-Fi network. UR72 supports
802.11/b/g/n/ac, as AP or client mode. Wi-Fi is optional on UR72.
Figure 4-2-1-10
Figure 4-2-1-11
38
UR72 User Guide
WLAN Settings
Item
Enable
Work Mode
Scan
SSID
Channel
Signal
BSSID
Security
Description
Enable/disable WLAN.
Select router's work mode. The options are "Client" and "AP".
Click "Scan" button to search the nearby access point.
Show SSID.
Show wireless channel.
Show wireless signal.
Show the MAC address of the access point.
Show the encryption mode.
Frequency
Show the frequency of radio.
Join Network
SSID
Click the button to join the wireless network.
Fill in the SSID of the access point.
Fill in the MAC address of the access point. Either SSID or BSSID can be filled to
joint the network.
Select encryption mode. The options are “No Encryption", “WEP Open System" ,
“WEP Shared Key", “WPA-PSK", “WPA2-PSK" and “WPA-PSK/WPA2-PSK".
Select cipher. The options are “Auto", “AES", “TKIP" and “AES/TKIP".
Fill the pre-shared key of WPA encryption.
Set the maximum number of client to access when the router is configured as
AP.
When SSID broadcast is disabled, other wireless devices can't not find the SSID,
and users have to enter the SSID manually to access to the wireless network.
When AP isolation is enabled, all users which access to the AP are isolated
without communication with each other.
Select Radio type. The options are “802.11a (5 GHz)”, “802.11b (2.4 GHz)",
“802.11g (2.4 GHz)" and "802.11ad (60GHz).
Select wireless channel. The options are "Auto", "1", "2"......"13".
Select bandwidth. The options are "20MHz" and "40MHz".
BSSID
Encryption Mode
Cipher
Key
Max Client Number
SSID Broadcast
AP Isolation
Radio Type
Channel
Bandwidth
IP Setting
Protocol
IP Address
Netmask
Gateway
Set the IP address in wireless network.
Set the IP address in wireless network.
Set the netmask in wireless network.
Set the gateway in wireless network.
Table 4-2-1-12 WLAN Parameters
Related Topic
Wi-Fi Application Example
39
UR72 User Guide
4.2.1.6 Cellular
This section explains how to set the related parameters for cellular network. The UR72 cellular router has
two cellular interfaces, namely SIM1 and SIM2. Only one cellular interface is active at one time. If both
cellular interfaces are enabled, then SIM1 interface takes precedence by default.
A typical use case would be to have SIM1 configured as the primary cellular interface and SIM2 as a
backup. If the UR72 cannot connect to the network via SIM1, it will automatically fail over to SIM2.
Figure 4-2-1-13
Figure 4-2-1-14
40
UR72 User Guide
General Settings
Item
Enable
Default
Enable
PIN Code
Authentication
Type
Description
Check the option to enable the corresponding SIM card.
Select from "Auto", "4G First", "4G Only", "3G First", "3G
Only", "2G Frist", and "2G Only".
Auto: connect to the network with the strongest signal
automatically.
4G First: 4G network takes precedence.
4G Only: connect to 4G network only.
And so on.
Enter the Access Point Name for cellular dial-up connection
provided by local ISP.
Enter the username for cellular dial-up connection
provided by local ISP.
Enter the password for cellular dial-up connection provided
by local ISP.
Enter the dial-up center NO. For cellular dial-up connection
provided by local ISP.
Enter a 4-8 characters PIN code to unlock the SIM.
Select from "Auto", "PAP", "CHAP", "MS-CHAP", and
"MS-CHAPv2".
Roaming
Enable or disable roaming.
Disable
Network Type
APN
Username
Password
Access Number
SMS Center
Enable NAT
ICMP Server
Secondary ICMP
Server
PING Times
Packet Loss Rate
Enter the local SMS center number for storing, forwarding,
converting and delivering SMS message.
Enable or disable NAT function.
Set the ICMP detection server's IP address.
Auto
Null
Null
Null
Null
Null
Auto
Null
Enable
8.8.8.8
Set the secondary ICMP detection server's IP address.
114.114.114.114
Set PING packet numbers in each ICMP detection.
Set packet loss rate in each ICMP detection. ICMP
detection fails when the preset packet loss rate is
exceeded.
5
20
Table 4-2-1-13 Cellular Parameters
41
UR72 User Guide
Figure 4-2-1-15
Connection Mode
Item
Connection Mode
Connect on
Demand
Triggered by Call
Call Group
Triggered by SMS
SMS Group
SMS Text
Triggered by IO
Description
Select from "Always Online" and "Connect on Demand".
"Connect on Demand" includes "Triggered by Call", "Triggered by
SMS", and "Triggered by IO".
The router will switch from offline mode to cellular network mode
automatically when it receives a call from the specific phone
number.
Select a call group for call trigger. Go to "System > General >
Phone" to set up phone group.
The router will switch from offline mode to cellular network mode
automatically when it receives a specific SMS from the specific
mobile phone.
Select an SMS group for trigger. Go to "System > General > Phone"
to set up SMS group.
Fill in the SMS content for triggering.
The router will switch from offline mode to cellular network mode
automatically when the DI status is changed. Go to "Industrial >
I/O > DI" to configure trigger condition.
Table 4-2-1-14 Cellular Parameters
42
UR72 User Guide
Dual SIM Strategy
Item
Current SIM Card
Switch to backup
SIM card when
ICMP detection fails
Switch to backup
SIM card when the
connection fails
Switch to backup
SIM card when
roaming is detected
Description
Select between "SIM1" and "SIM2" as a current SIM card used.
The router will switch to the backup SIM card when packet loss rate in IMCP
detection exceeds the preset value.
The router will switch to the backup SIM card when the primary one fails to
connect with cellular network.
The router will switch to the backup SIM card when the primary one is roaming.
Table 4-2-1-15 Cellular Parameters
Related Topics
Cellular Network Connection
Dual SIM Failover Application Example
WAN Failover Application Example
Phone Group
DI Setting
4.2.1.7 Loopback
Loopback interface is used for replacing router's ID as long as it is activated. When the interface is DOWN,
the ID of the router has to be selected again which leads to long convergence time of OSPF. Therefore,
Loopback interface is generally recommended as the ID of the router.
Loopback interface is a logic and virtual interface on router. Under default conditions, there's no loopback
interface on router, but it can be created as required.
Figure 4-2-1-16
43
UR72 User Guide
Loopback
Item
IP Address
Netmask
Multiple IP
Addresses
Description
Unalterable
Unalterable
Apart from the IP above, user can configure other
IP addresses.
Default
127.0.0.1
255.0.0.0
Null
Table 4-2-1-16 Loopback Parameters
4.2.2 Firewall
This section describes how to set the firewall parameters, including ACL, DMZ, Port Mapping and MAC
Binding.
The firewall implements corresponding control of data flow at entry direction (from Internet to local area
network) and exit direction (from local area network to Internet) according to the content features of
packets, such as protocol style, source/destination IP address, etc. It ensures that the router operate in a
safe environment and host in local area network.
4.2.2.1 ACL
Access control list, also called ACL, implements permission or prohibition of access for specified network
traffic (such as the source IP address) by configuring a series of matching rules so as to filter the network
interface traffic. When router receives packet, the field will be analyzed according to the ACL rule applied
to the current interface. After the special packet is identified, the permission or prohibition of
corresponding packet will be implemented according to preset strategy.
The data package matching rules defined by ACL can also be used by other functions requiring flow
distinction.
Figure 4-2-2-1
Figure 4-2-2-2
44
UR72 User Guide
Item
Description
ACL Setting
Default Filter Policy
Select from "Accept" and "Deny".
The packets which are not included in the access control list will be
processed by the default filter policy.
Access Control List
Type
Select type from "Extended" and "Standard".
ID
Action
Protocol
User-defined ACL number. Range: 1-199.
Select from "Permit" and "Deny".
Select protocol from "ip", "icmp", "tcp", "udp", and "1-255".
Source IP
Source Wildcard Mask
Destination IP
Source network address (leaving it blank means all).
Wildcard mask of the source network address.
Destination network address (0.0.0.0 means all).
Destination Wildcard
Mask
Description
ICMP Type
Wildcard mask of destination address.
Fill in a description for the groups with the same ID.
Enter the type of ICMP packet. Range: 0-255.
ICMP Code
Source Port Type
Source Port
Enter the code of ICMP packet. Range: 0-255.
Select source port type, such as specified port, port range, etc.
Set source port number. Range: 1-65535.
Start Source Port
End Source Port
Set start source port number. Range: 1-65535.
Set end source port number. Range: 1-65535.
Destination Port Type
Select destination port type, such as specified port, port range, etc.
Destination Port
Start Destination Port
End Destination Port
Set destination port number. Range: 1-65535.
Set start destination port number. Range: 1-65535.
Set end destination port number. Range: 1-65535.
More Details
Interface List
Interface
Show information of the port.
In ACL
Select a rule for incoming traffic from ACL ID.
Out ACL
Select a rule for outgoing traffic from ACL ID.
Select network interface for access control.
Table 4-2-2-1 ACL Parameters
Related Configuration Example
Access Control Application Example
4.2.2.2 DMZ
DMZ is a host within the internal network that has all ports exposed, except those forwarded ports in port
mapping.
45
UR72 User Guide
Figure 4-2-2-3
DMZ
Item
Enable
DMZ Host
Source Address
Description
Enable or disable DMZ.
Enter the IP address of the DMZ host on the internal network.
Set the source IP address which can access to DMZ host.
"0.0.0.0/0" means any address.
Table 4-2-2-2 DMZ Parameters
4.2.2.3 Port Mapping
Port mapping is an application of network address translation (NAT) that redirects a communication
request from the combination of an address and port number to another while the packets are traversing
a network gateway such as a router or firewall.
Click
to add a new port mapping rules.
Figure 4-2-2-4
Port Mapping
Item
Source IP
Source Port
Destination IP
Description
Specify the host or network which can access local IP address.
0.0.0.0/0 means all.
Enter the TCP or UDP port from which incoming packets are
forwarded. Range: 1-65535.
Enter the IP address that packets are forwarded to after being
received on the incoming interface.
46
UR72 User Guide
Destination Port
Protocol
Description
Enter the TCP or UDP port that packets are forwarded to after
being received on the incoming port(s). Range: 1-65535.
Select from "TCP" and "UDP" as your application required.
The description of this rule.
Table 4-2-2-3 Port Mapping Parameters
Related Configuration Example
NAT Application Example
4.2.2.4 MAC Binding
MAC Binding is used for specifying hosts by matching MAC addresses and IP addresses that are in the list
of allowed outer network access.
Figure 4-2-2-5
MAC Binding List
Item
MAC Address
IP Address
Description
Description
Set the binding MAC address.
Set the binding IP address.
Fill in a description for convenience of recording the meaning
of the binding rule for each piece of MAC-IP.
Table 4-2-2-4 MAC Binding Parameters
4.2.3 QoS
Quality of service (QoS) refers to traffic prioritization and resource reservation control mechanisms rather
than the achieved service quality. QoS is engineered to provide different priority for different applications,
users, data flows, or to guarantee a certain level of performance to a data flow.
47
UR72 User Guide
4.2.3.1 QoS (Download/Upload)
Figure 4-2-3-1
QoS
Item
Download/Upload
Description
Enable
Enable or disable QoS.
Default Class
Download/Upload
Bandwidth Capacity
Service Classes
Select default class from Service Class list.
The download/upload bandwidth capacity of the network that
the router is connected with, in kbps. Range: 1-8000000.
Name
Give the service class a descriptive name.
The amount of bandwidth that this class should be guaranteed
in percentage. Range: 0-100.
The maximum bandwidth that this class is allowed to
consume, in kbps. The value should be less than the
"Download/Upload Bandwidth Capacity".
The minimum bandwidth that can be guaranteed for the class,
in kbps. The value should be less than the "MAX BW" value.
Percent (%)
Max BW(kbps)
Min BW(kbps)
Classification Rules
Item
Name
Source IP
Description
Give the rule a descriptive name.
Source address of flow control (leaving it blank means any).
48
UR72 User Guide
Source Port
Source port of flow control. Range: 0-65535 (leaving it blank
means any).
Destination IP
Destination address of flow control (leaving it blank means any).
Destination port of flow control. Range: 0-65535 (leaving it blank
means any).
Select protocol from "ANY", "TCP", "UDP", "ICMP", and "GRE".
Set service class for the rule.
Destination Port
Protocol
Service Class
Table 4-2-3-1 QoS (Download/Upload) Parameters
Related Application Example
QoS Application Example
4.2.4 DHCP
DHCP adopts Client/Server communication mode. The Client sends configuration request to the Server
which feeds back corresponding configuration information and distributes IP address to the Client so as to
achieve the dynamic configuration of IP address and other information.
4.2.4.1 DHCP Server
The UR72 can be set as a DHCP server to distribute IP address when a host logs on and ensures each host
is supplied with different IP addresses. DHCP Server has simplified some previous network management
tasks requiring manual operations to the largest extent.
Figure 4-2-4-1
DHCP Server
Item
Enable
Description
Enable or disable DHCP server.
Default
Enable
49
UR72 User Guide
Interface
Start
Address
End Address
Netmask
Lease Time
(Min)
Primary DNS
Server
Secondary
DNS Server
Windows
Name Server
Select interface, e.g. GE1.
Define the beginning of the pool of IP addresses which
will be leased to DHCP clients.
Define the end of the pool of IP addresses which will be
leased to DHCP clients.
Define the subnet mask of IP address obtained by
DHCP clients from DHCP server.
Set the lease time on which the client can use the IP
address obtained from DHCP server. Range: 1-10080.
GE1
Set the primary DNS server.
114.114.114.114
Set the secondary DNS server.
Null
Define the Windows Internet Naming Service obtained
by DHCP clients from DHCP sever. Generally you can
leave it blank.
Null
192.168.1.100
192.168.1.199
255.255.255.0
1440
Static IP
MAC
Address
IP Address
Set a static and specific MAC address for the DHCP
client (it should be different from other MACs so as to
avoid conflict).
Set a static and specific IP address for the DHCP client
(it should be outside of the DHCP range).
Null
Null
Table 4-2-4-1 DHCP Server Parameters
4.2.4.2 DHCP Relay
The UR72 can be set as DHCP Relay to provide a relay tunnel to solve the problem that DHCP Client and
DHCP Server are not in the same subnet.
Figure 4-2-4-2
DHCP Relay
Item
Description
Enable
Enable or disable DHCP relay.
DHCP Server
Set DHCP server, up to 10 servers can be configured; separate
them by blank space or ",".
Table 4-2-4-2 DHCP Relay Parameters
50
UR72 User Guide
4.2.5 DDNS
Dynamic DNS (DDNS) is a method that automatically updates a name server in the Domain Name System,
which allows user to alias a dynamic IP address to a static domain name.
DDNS serves as a client tool and needs to coordinate with DDNS server. Before starting configuration, user
shall register on a website of proper domain name provider and apply for a domain name.
Figure 4-2-5-1
DDNS
Item
Description
Name
Interface
Service Type
Username
User ID
Password
Server
Hostname
Give the DDNS a descriptive name.
Set interface bundled with the DDNS.
Select the DDNS service provider.
Enter the username for DDNS register.
Enter User ID of the custom DDNS server.
Enter the password for DDNS register.
Enter the name of DDNS server.
Enter the hostname for DDNS.
Append IP
Append your current IP to the DDNS server update path.
Table 4-2-5-1 DDNS Parameters
Item
Advanced Options
Name
Provider
Check IP Server
Check IP Path
Check IP SSL
Check IP Command
Use HTTPS
Description
Select the DDNS name.
Enter DDNS server provider.
Server used for periodic IP address changes.
Optional server path for check IP server.
This setting usually follows the SSL setting, but can be used to
disable HTTPS for the IP address check. This might be needed
for some providers that only support HTTPS for the DNS
record update.
Shell command, or script for IP address update checking.
Use HTTPS or not.
51
UR72 User Guide
Domain Wildcard
Other Options
Name
Period (s)
Verify Address
Fake Address
Allow IPv6
Forced Update (s)
Secure SSL
CA Certificates PATH
Enable/disable domain name wildcard of your domain name.
Select the DDNS name.
Decide how often is the IP address checked, in seconds. The
default interval is 3600s. Range: 60-864000
Verify IP address, making sure the address is a valid Internet
address.
This option can be used to fake an address by updating with a
"random" address in the 203.0.113.0/24 range.
Allow or discard IPv6 addresses.
Decide how often the IP should be updated even if it is not
changed, in seconds. The default interval is 2592000 s (30
days).
When this option is enabled, the DDNS update will be aborted
before sending any credentials if the HTTPS certificate
validation fails for a provider. When it's disabled, then will only
a warning is issued.
Specify the path to a trusted set of CA certificates.
Table 4-2-5-2 DDNS Parameters
4.2.6 Link Failover
This section describes how to configure link failover strategies, including VRRP strategies and WAN
failover strategies between Ethernet WAN and cellular.
Configuration Steps
1.
2.
3.
Define one or more SLA operations (ICMP probe).
Define one or more track objects to track the status of SLA operation.
Define applications associated with track objects, such as VRRP, WAN failover or static routing.
4.2.6.1 SLA
SLA setting is used for configuring link probe method. The default probe type is ICMP.
Figure 4-2-6-1
52
UR72 User Guide
SLA
Item
Description
Default
ID
SLA index. Up to 10 SLA settings can be added.
Range: 1-10.
1
Type
ICMP-ECHO is the default type to detect if the
link is alive.
icmp-echo
Destination Address
The detected IP address.
Secondary Destination
The secondary detected IP address.
Address
114.114.114.114
8.8.8.8
Data Size
User-defined data size. Range: 0-1000.
56
Interval (s)
User-defined detection interval. Range:
1-608400.
30
Timeout (ms)
User-defined timeout for response to determine
ICMP detection failure. Range: 1-300000.
5000
PING Times
Define PING packet numbers in each SLA probe.
Range: 1-1000.
5
Define packet loss rate in each SLA probe. SLA
probe fails when the preset packet loss rate is
exceeded.
20
Packet Loss Rate
Start Time
Detection start time; select from "Now" and
blank character. Blank character means this SLA
detection doesn't start.
now
Table 4-2-6-1 SLA Parameters
4.2.6.2 Track
Track setting is designed for achieving linkage among SLA module, Track module and Application module.
Track setting is located between application module and SLA module with main function of shielding the
differences of various SLA modules and providing unified interfaces for application module.
Linkage between Track Module and SLA module
Once you complete the configuration, the linkage relationship between Track module and SLA module will
be established. SLA module is used for detection of link status, network performance and notification of
Track module. The detection results help track status change timely.
- For successful detection, the corresponding track item is Positive.
- For failed detection, the corresponding track item is Negative.
Linkage between Track Module and Application Module
After configuration, the linkage relationship between Track module and Application module will be
established. When any change occurs in track item, a notification that requires corresponding treatment
53
UR72 User Guide
will be sent to Application module.
Currently, the application modules like VRRP, WAN failover and static routing can get linkage with track
module.
If it sends an instant notification to Application module, the communication may be interrupted in some
circumstances due to routing's failure like timely restoration or other reasons. Therefore, user can set up a
period of time to delay notifying application module when the track item status changes.
Figure 4-2-6-2
Item
Description
Default
Index
Track index. Up to 10 track settings can be
configured. Range: 1-10.
1
Type
The options are "sla" and "interface".
SLA
SLA ID
Defined SLA ID.
1
Interface
Negative Delay (s)
Positive Delay (s)
Select the interface whose status will be
detected.
When interface is down or SLA probing fails, it
will wait according to the time set here before
actually changing its status to Down. Range:
0-180 (0 refers to immediate switching).
When failure recovery occurs, it will wait
according to the time set here before actually
changing its status to Up. Range: 0-180 (0
refers to immediate switching).
cellular0
0
1
Table 4-2-6-2 Track Parameters
4.2.6.3 VRRP
The Virtual Router Redundancy Protocol (VRRP) is a computer networking protocol that provides
automatic assignment of available Internet Protocol (IP) routers for participating hosts. This increases the
availability and reliability of routing paths via automatic default gateway selections in an IP sub-network.
Increasing the number of exit gateway is a common method for improving system reliability. VRRP adds a
group of routers that undertake gateway function into a backup group so as to form a virtual router. The
election mechanism of VRRP will decide which router undertakes the forwarding task, and the host in LAN
is only required to configure the default gateway for the virtual router.
In VRRP, routers need to be aware of failures in the virtual master router. To achieve this, the virtual
master router sends out multicast “alive” announcements to the virtual backup routers in the same VRRP
54
UR72 User Guide
group.
The VRRP router who has the highest number will become the virtual master router. The VRRP router
number ranges from 1 to 255 and usually we use 255 for the highest priority and 100 for backup.
If the current virtual master router receives an announcement from a group member (Router ID) with a
higher priority, then the latter will pre-empt and become the virtual master router.
VRRP has the following characteristics:
- The virtual router with an IP address is known as the Virtual IP address. For the host in LAN, it is only
required to know the IP address of virtual router, and set it as the address of the next hop of the
default route.
- The network Host communicates with the external network through this virtual router.
-
A router will be selected from the set of routers based on its priority to undertake the gateway
function. Other routers will be used as backup routers to perform the duties of gateway for the
gateway router in the case of any malfunction, so as to guarantee uninterrupted communication
between the host and external network.
When interface connected with the uplink is at the state of Down or Removed, the router actively lowers
its priority so that priority of other routers in the backup group will be higher. Thus the router with the
highest priority becomes the gateway for the transmission task.
Figure 4-2-6-3
55
UR72 User Guide
VRRP
Item
Enable
Interface
Virtual Router ID
Virtual IP
Priority
Advertisement
Interval (s)
Preemption Mode
Track ID
Description
Enable or disable VRRP.
Select the interface of Virtual Router.
User-defined Virtual Router ID. Range: 1-255.
Set the IP address of Virtual Router.
The VRRP priority range is 1-254 (a bigger number
indicates a higher priority). The router with higher
priority will be more likely to become the
gateway router.
Heartbeat package transmission time interval
between routers in the virtual ip group. Range:
1-255.
If the router works in the preemption mode, once
it finds that its own priority is higher than that of
the current gateway router, it will send VRRP
notification package, resulting in re-election of
gateway router and eventually replacing the
original gateway router. Accordingly, the original
gateway router will become a Backup router.
Trace detection, select the defined track ID or
blank character.
Default
Disable
None
None
None
100
1
Disable
None
Table 4-2-6-3 VRRP Parameters
Note: for UR72, if you select “bridge0” as interface, you must select a track ID, otherwise VRRP status
won’t show correctly.
Related Configuration Example
VRRP Application Example
4.2.6.4 WAN Failover
WAN failover refers to failover between Ethernet WAN interface and cellular interface. When service
transmission can’t be carried out normally due to malfunction of a certain interface or lack of bandwidth,
the rate of flow can be switched to backup interface quickly. Then the backup interface will carry out
service transmission and share network flow so as to improve reliability of communication of data
equipment.
When link state of main interface is switched from up to down, system will have the pre-set delay works
instead of switching to link of backup interface immediately. Only if the state of main interface is still
down after delay, will the system switch to link of backup interface. Otherwise, system will remain
unchanged.
56
UR72 User Guide
Figure 4-2-6-4
WAN Failover
Parameters
Main Interface
Backup Interface
Startup Delay (s)
Up Delay (s)
Down Delay (s)
Track ID
Description
Select a link interface as the main link.
Select a link interface as the backup link.
Set how long to wait for the startup tracking
detection policy to take effect. Range: 0-300.
When the primary interface switches from
failed detection to successful detection,
switching can be delayed based on the set
time. Range: 0-180 (0 refers to immediate
switching).
When the primary interface switches from
successful detection to failed detection,
switching can be delayed based on the set
time. Range: 0-180 (0 refers to immediate
switching).
Default
Cellular0
GE0
Track detection, select the defined track ID.
1
3
0
0
Table 4-2-6-4 WAN Failover Parameters
Related Configuration Example
WAN Failover Application Example
4.2.7 Routing
4.2.7.1 Static Routing
A static routing is a manually configured routing entry. Information about the routing is manually entered
rather than obtained from dynamic routing traffic. After setting static routing, the package for the
specified destination will be forwarded to the path designated by user.
57
UR72 User Guide
Figure 4-2-7-1
Static Routing
Item
Description
Destination
Enter the destination IP address.
Netmask
Enter the subnet mask of destination address.
Interface
The interface through which the data can reach the destination address.
Distance
IP address of the next router that will be passed by before the input data
reaches the destination address.
Priority, smaller value refers to higher priority. Range: 1-255.
Track ID
Track detection, select the defined track ID. You can leave it blank.
Gateway
Table 4-2-7-1 Static Routing Parameters
Related Topics
Static Routing Application Example
Track Setting
4.2.7.2 RIP
RIP is mainly designed for small networks. RIP uses Hop Count to measure the distance to the destination
address, which is called Metric. In RIP, the hop count from the router to its directly connected network is 0
and the hop count of network to be reached through a router is 1 and so on. In order to limit the
convergence time, the specified metric of RIP is an integer in the range of 0 - 15 and the hop count larger
than or equal to 16 is defined as infinity, which means that the destination network or host is unreachable.
Because of this limitation, the RIP is not suitable for large-scale networks. To improve performance and
58
UR72 User Guide
prevent routing loops, RIP supports split horizon function. RIP also introduces routing obtained by other
routing protocols.
Each router that runs RIP manages a routing database, which contains routing entries to reach all
reachable destinations.
Figure 4-2-7-2
RIP
Item
Description
Enable
Enable or disable RIP.
Update Timer
Timeout Timer
Garbage Collection Timer
Version
It defines the interval to send routing updates. Range: 5-2147483647,
in seconds.
It defines the routing aging time. If no update package on a routing is
received within the aging time, the routing's Routing Cost in the
routing table will be set to 16. Range: 5-2147483647, in seconds.
It defines the period from the routing cost of a routing becomes 16 to
it is deleted from the routing table. In the time of Garbage-Collection,
RIP uses 16 as the routing cost for sending routing updates. If Garbage
Collection times out and the routing still has not been updated, the
routing will be completely removed from the routing table. Range:
5-2147483647, in seconds.
RIP version. The options are v1 and v2.
Advanced Settings
Default Information Originate
Default information will be released when this function is enabled.
59
UR72 User Guide
Default Metric
The default cost for the router to reach destination. Range: 0-16
Redistribute Connected
Check to enable.
Metric
Set metric after "Redistribute Connected" is enabled. Range: 0-16.
Redistribute Static
Check to enable.
Metric
Set metric after "Redistribute Static" is enabled. Range: 0-16.
Redistribute OSPF
Check to enable.
Metric
Set metric after "Redistribute OSPF" is enabled. Range: 0-16.
Table 4-2-7-2 RIP Parameters
Figure 4-2-7-3
60
UR72 User Guide
Item
Description
Distance/Metric Management
Distance
Set the administrative distance that a RIP route learns. Range:
1-255.
IP Address
Set the IP address of RIP route.
Netmask
Set the netmask of RIP route.
ACL Name
Set ACL name of RIP route.
Metric
The metric of received route or sent route from the interface.
Range: 0-16.
Policy in/out
Select from "in" and "out".
Interface
Select interface of the route.
ACL Name
Access control list name of the route strategy.
Filter Policy
Policy Type
Select from "access-list" and "prefix-list".
Policy Name
User-defined prefix-list name.
Policy in/out
Select from "in" and "out".
Interface
Select interface from "cellular0", "GE1" and "GE0".
Passive Interface
Passive Interface
Select interface from "cellular0" and "GE1", "GE0".
Interface
Interface
Select interface from "cellular0", "GE1" and "GE0".
Send Version
Select from "default", "v1" and "v2".
Receive Version
Select from "default", "v1" and "v2".
Split-Horizon
Select from "enable" and "disable".
Authentication Mode
Select from "text" and "md5".
Authentication String
The authentication key for package interaction in RIPV2.
Authentication
Key-chain
The authentication key-chain for package interaction in RIPV2.
Neighbor
IP Address
Set RIP neighbor's IP address manually.
Network
IP Address
The IP address of interface for RIP publishing.
Netmask
The netmask of interface for RIP publishing.
Table 4-2-7-3
Related Configuration Example
Dynamic Routing Application Example
61
UR72 User Guide
4.2.7.3 OSPF
OSPF, short for Open Shortest Path First, is a link status based on interior gateway protocol developed by
IETF.
If a router wants to run the OSPF protocol, there should be a Router ID that can be manually configured. If
no Router ID configured, the system will automatically select an IP address of interface as the Router ID.
The selection order is as follows:
- If a Loopback interface address is configured, then the last configured IP address of Loopback
interface will be used as the Router ID;
- If no Loopback interface address is configured, the system will choose the interface with the biggest IP
address as the Router ID.
Five types of packets of OSPF:
-
Hello packet
DD packet (Database Description Packet)
LSR packet (Link-State Request Packet)
LSU packet (Link-State Update Packet)
LSAck packet (Link-Sate Acknowledgment Packet)
Neighbor and Neighboring
After OSPF router starts up, it will send out Hello Packets through the OSPF interface. Upon receipt of
Hello packet, OSPF router will check the parameters defined in the packet. If it’s consistent, a neighbor
relationship will be formed. Not all matched sides in neighbor relationship can form the adjacency
relationship. It is determined by the network type. Only when both sides successfully exchange DD
packets and LSDB synchronization is achieved, the adjacency in the true sense can be formed. LSA
describes the network topology around a router, LSDB describes entire network topology.
Figure 4-2-7-4
62
UR72 User Guide
OSPF
Item
Description
Enable
Enable or disable OSPF.
Router ID
Router ID (IP address) of the originating LSA.
ABR Type
Select from cisco, ibm, standard and shortcut.
RFC1583 Compatibility
Enable/Disable.
OSPF Opaque-LSA
SPF Delay Time
SPF Initial-holdtime
SPF Max-holdtime
Reference Bandwidth
Enable/Disable
LSA: a basic communication means of the OSPF routing
protocol for the Internet Protocol (IP).
Set the delay time for OSPF SPF calculations.
Range: 0-6000000, in milliseconds.
Set the initialization time of OSPF SPF.
Range: 0-6000000, in milliseconds.
Set the maximum time of OSPF SPF.
Range: 0-6000000, in milliseconds.
Range: 1-4294967, in Mbit.
Table 4-2-7-4 OSPF Parameters
Figure 4-2-7-5
Item
Interface
Interface
Hello Interval (s)
Dead Interval (s)
Retransmit
Description
Select interface from "cellular0" and "GE0".
Send interval of Hello packet. If the Hello time between two adjacent
routers is different, the neighbour relationship cannot be established.
Range: 1-65535.
Dead Time. If no Hello packet is received from the neighbours within
the dead time, then the neighbour is considered failed. If dead times of
two adjacent routers are different, the neighbour relationship cannot
be established.
When the router notifies an LSA to its neighbour, it is required to make
63
UR72 User Guide
Interval (s)
acknowledgement. If no acknowledgement packet is received within
the retransmission interval, this LSA will be retransmitted to the
neighbour. Range: 3-65535.
It will take time to transmit OSPF packets on the link. So a certain delay
time should be increased before transmission the aging time of LSA.
Transmit Delay
This configuration needs to be further considered on the low-speed
(s)
link.
Range: 1-65535
Interface Advanced Options
Interface
Select interface.
Network
Select OSPF network type.
Cost
Set the cost of running OSPF on an interface. Range: 1-65535.
Priority
Set the OSPF priority of interface. Range: 0-255.
Set the authentication mode that will be used by the OSPF area.
Simple: a simple authentication password should be configured and
Authentication
confirmed again.
MD5: MD5 key & password should be configured and confirmed again.
Key ID
It only takes effect when MD5 is selected. Range 1-255.
Key
The authentication key for OSPF packet interaction.
Table 4-2-7-5 OSPF Parameters
Figure 4-2-7-6
Item
Passive Interface
Passive Interface
Description
Select interface from "cellular0", "GE0" and "GE1".
64
UR72 User Guide
Network
IP Address
Netmask
Area ID
Area
Area ID
Area
No Summary
Authentication
The IP address of local network.
The netmask of local network.
The area ID of original LSA's router.
Set the ID of the OSPF area (IP address).
Select from "Stub" and "NSSA".
The backbone area (area ID 0.0.0.0) cannot be set as "Stub" or
"NSSA".
Forbid route summarization.
Select authentication from "simple" and "md5".
Table 4-2--7-6 OSPF Parameters
Figure 4-2-7-7
Area Advanced Options
Item
Description
Area Range
Area ID
The area ID of the interface when it runs OSPF (IP address).
IP Address
Set the IP address.
Netmask
Set the netmask.
No Advertise
Forbid the route information to be advertised among different areas.
Cost
Range: 0-16777215
Area Filter
Area ID
Select an Area ID for Area Filter.
Filter Type
Select from "import", "export", "filter-in", and "filter-out".
ACL Name
Enter an ACL name which is set on "Routing > Routing Filtering" webpage.
Area Virtual Link
Area ID
Set the ID number of OSPF area.
ABR Address
ABR is the router connected to multiple outer areas.
65
UR72 User Guide
Authentication
Select from "simple" and "md5".
Key ID
It only takes effect when MD5 is selected. Range 1-15.
Key
The authentication key for OSPF packet interaction.
Hello Interval
Set the interval time for sending Hello packets through the interface. Range:
1-65535.
Dead Interval
The dead interval time for sending Hello packets through the interface. Range:
1-65535.
Retransmit Interval
The retransmission interval time for re-sending LSA.
Range: 1-65535.
Transmit Delay
The delay time for LSA transmission. Range: 1-65535.
Table 4-2-7-7 OSPF Parameters
Figure 4-2-7-8
Item
Description
Redistribution
Redistribution Type
Select from "connected", "static" and "rip".
Metric
The metric of redistribution router. Range: 0-16777214.
Metric Type
Select Metric type from "1" and "2".
Route Map
Mainly used to manage route for redistribution.
Redistribution Advanced Options
Always Redistribute
Send redistribution default route after starting up.
Default Route
Redistribute Default
Send redistribution default route metric. Range: 0-16777214.
Route Metric
Redistribute Default
Select from "0", "1" and "2".
Route Metric Type
Distance Management
Area Type
Select from "intra-area", "inter-area" and "external".
Distance
Set the OSPF routing distance for area learning. Range: 1-255.
Table 4-2-7-8 OSPF Parameters
66
UR72 User Guide
4.2.7.4 Routing Filtering
Figure 4-2-7-9
Routing Filtering
Item
Access Control List
Name
Action
Match Any
IP Address
Netmask
IP Prefix-List
Name
Sequence Number
Action
Match Any
IP Address
Netmask
GE Length
LE Length
Description
User-defined name, need to start with a letter. Only letters, digits and underline
(_) are allowed.
Select from "permit" and "deny".
No need to set IP address and subnet mask.
User-defined.
User-defined.
User-defined name, need to start with a letter. Only letters, digits and underline
(_) are allowed.
A prefix name list can be matched with multiple rules. One rule is matched with
one sequence number. Range: 1-4294967295.
Select from "permit" and "deny".
No need to set IP address, subnet mask, GE Length, and LE Length.
User-defined.
User-defined.
Specify the minimum number of mask bits that must be matched. Range: 0-32.
Specify the maximum number of mask bits that must be matched. Range: 0-32.
Table 4-2-7-9 Routing Filtering Parameters
4.2.8 VPN
Virtual Private Networks, also called VPNs, are used to securely connect two private networks together so
that devices can connect from one network to the other network via secure channels.
UR72 supports DMVPN, IPsec, GRE, L2TP, PPTP, OpenVPN, as well as GRE over IPsec and L2TP over IPsec.
67
UR72 User Guide
4.2.8.1 DMVPN
A dynamic multi-point virtual private network (DMVPN), combining mGRE and IPsec, is a secure network
that exchanges data between sites without passing traffic through an organization's headquarter VPN
server or router.
Figure 4-2-8-1
DMVPN
Item
Enable
Hub Address
Local IP address
GRE Hub IP Address
Description
Enable or disable DMVPN.
The IP address or domain name of DMVPN Hub.
DMVPN local tunnel IP address.
GRE Hub tunnel IP address.
68
UR72 User Guide
GRE Local IP Address
GRE Netmask
GRE Key
Negotiation Mode
Authentication
Algorithm
Encryption Algorithm
DH Group
Key
Local ID Type
IKE Life Time (s)
SA Algorithm
PFS Group
Life Time (s)
DPD Interval Time (s)
DPD Timeout (s)
Cisco Secret
NHRP Holdtime (s)
GRE local tunnel IP address.
GRE local tunnel netmask.
GRE tunnel key.
Select from "Main" and "Aggressive".
Select from "DES", "3DES", "AES128", "AES192" and "AES256".
Select from "MD5" and "SHA1".
Select from "MODP768_1", "MODP1024_2" and
"MODP1536_5".
Enter the preshared key.
Select from "Default", "ID", "FQDN", and "User FQDN"
Set the lifetime in IKE negotiation. Range: 60-86400.
Select from "DES_MD5", "DES_SHA1", "3DES_MD5",
"3DES_SHA1", "AES128_MD5", "AES128_SHA1",
"AES192_MD5", "AES192_SHA1", "AES256_MD5" and
"AES256_SHA1".
Select from "NULL", "MODP768_1", "MODP1024_2" and
"MODP1536-5".
Set the lifetime of IPsec SA. Range: 60-86400.
Set DPD interval time
Set DPD timeout.
Cisco Nhrp key.
The holdtime of Nhrp protocol.
Table 4-2-8-1 DMVPN Parameters
4.2.8.2 IPSec
IPsec is especially useful for implementing virtual private networks and for remote user access through
dial-up connection to private networks. A big advantage of IPsec is that security arrangements can be
handled without requiring changes to individual user computers.
IPsec provides three choices of security service: Authentication Header (AH), Encapsulating Security
Payload (ESP), and Internet Key Exchange (IKE). AH essentially allows authentication of the senders’ data.
ESP supports both authentication of the sender and data encryption. IKE is used for cipher code exchange.
All of them can protect one and more data flows between hosts, between host and gateway, and between
gateways.
69
UR72 User Guide
Figure 4-2-8-2
IPsec
Item
Enable
IPsec Gateway Address
IPsec Mode
IPsec Protocol
Local Subnet
Local Subnet Netmask
Local ID Type
Remote Subnet
Remote Subnet Mask
Remote ID type
Description
Enable IPsec tunnel. A maximum of 3 tunnels is allowed.
Enter the IP address or domain name of remote IPsec server.
Select from "Tunnel" and "Transport".
Select from "ESP" and "AH".
Enter the local subnet IP address that IPsec protects.
Enter the local netmask that IPsec protects.
Select from "Default", "ID", "FQDN", and "User FQDN".
Enter the remote subnet IP address that IPsec protects.
Enter the remote netmask that IPsec protects.
Select from "Default", "ID", "FQDN", and "User FQDN".
Table 4-2-8-2 IPsec Parameters
70
UR72 User Guide
Figure 4-2-8-3
IKE Parameter
Item
IKE Version
Negotiation Mode
Encryption Algorithm
Authentication
Algorithm
DH Group
Local Authentication
Local Secrets
XAUTH
Lifetime (s)
SA Parameter
Description
Select from "IKEv1" and "IKEv2".
Select from "Main" and "Aggressive".
Select from "DES", "3DES", "AES128", "AES192" and "AES256".
Select from "MD5" and " SHA1"
Select from "MODP768_1", "MODP1024_2" and
"MODP1536_5".
Select from "PSK" and "CA".
Enter the pre-shared key.
Enter XAUTH username and password after XAUTH is enabled.
Set the lifetime in IKE negotiation. Range: 60-86400.
71
UR72 User Guide
SA Algorithm
PFS Group
Lifetime (s)
DPD Interval Time(s)
DPD Timeout(s)
IPsec Advanced
Enable Compression
VPN Over IPsec Type
Select from "DES_MD5", "DES_SHA1", "3DES_MD5",
"3DES_SHA1", "AES128_MD5", "AES128_SHA1",
"AES192_MD5", "AES192_SHA1", "AES256_MD5" and
"AES256_SHA1".
Select from "NULL", "MODP768_1" , "MODP1024_2" and
"MODP1536_5".
Set the lifetime of IPsec SA. Range: 60-86400.
Set DPD interval time to detect if the remote side fails.
Set DPD timeout. Range: 10-3600.
The head of IP packet will be compressed after it's enabled.
Select from "NONE", "GRE" and "L2TP" to enable VPN over
IPsec function.
Table 4-2-8-3 IPsec Parameters
4.2.8.3 GRE
Generic Routing Encapsulation (GRE) is a protocol that encapsulates packets in order to route other
protocols over IP networks. It’s a tunneling technology that provides a channel through which
encapsulated data message could be transmitted and encapsulation and decapsulation could be realized
at both ends.
In the following circumstances the GRE tunnel transmission can be applied:
- GRE tunnel could transmit multicast data packets as if it were a true network interface. Single use of
IPSec cannot achieve the encryption of multicast.
- A certain protocol adopted cannot be routed.
- A network of different IP addresses shall be required to connect other two similar networks.
72
UR72 User Guide
Figure 4-2-8-4
GRE
Item
Enable
Remote IP Address
Local IP Address
Local Virtual IP Address
Netmask
Peer Virtual IP Address
Global Traffic
Forwarding
Remote Subnet
Remote Netmask
MTU
Key
Enable NAT
Description
Check to enable GRE function.
Enter the real remote IP address of GRE tunnel.
Set the local IP address.
Set the local tunnel IP address of GRE tunnel.
Set the local netmask.
Enter remote tunnel IP address of GRE tunnel.
All the data traffic will be sent out via GRE tunnel when this
function is enabled.
Enter the remote subnet IP address of GRE tunnel.
Enter the remote netmask of GRE tunnel.
Enter the maximum transmission unit. Range: 64-1500.
Set GRE tunnel key.
Enable NAT traversal function.
Table 4-2-8-4 GRE Parameters
4.2.8.4 L2TP
Layer Two Tunneling Protocol (L2TP) is an extension of the Point-to-Point Tunneling Protocol (PPTP) used
73
UR72 User Guide
by an Internet service provider (ISP) to enable the operation of a virtual private network (VPN) over the
Internet.
Figure 4-2-8-5
L2TP
Item
Enable
Remote IP Address
Username
Password
Authentication
Global Traffic
Forwarding
Remote Subnet
Remote Subnet Mask
Key
Description
Check to enable L2TP function.
Enter the public IP address or domain name of L2TP server.
Enter the username that L2TP server provides.
Enter the password that L2TP server provides.
Select from "Auto", "PAP", "CHAP", "MS-CHAPv1" and
"MS-CHAPv2".
All of the data traffic will be sent out via L2TP tunnel after this
function is enabled.
Enter the remote IP address that L2TP protects.
Enter the remote netmask that L2TP protects.
Enter the password of L2TP tunnel.
Table 4-2-8-5 L2TP Parameters
74
UR72 User Guide
Figure 4-2-8-6
Advanced Settings
Item
Local IP Address
Peer IP Address
Enable NAT
Enable MPPE
Address/Control
Compression
Protocol Field
Compression
Asyncmap Value
MRU
MTU
Link Detection Interval (s)
Max Retries
Expert Options
Description
Set tunnel IP address of L2TP client. Client will obtain tunnel IP
address automatically from the server when it's null.
Enter tunnel IP address of L2TP server.
Enable NAT traversal function.
Enable MPPE encryption.
For PPP initialization. User can keep the default option.
For PPP initialization. User can keep the default option.
One of the PPP protocol initialization strings. User can keep
the default value. Range: 0-ffffffff.
Set the maximum receive unit. Range: 64-1500.
Set the maximum transmission unit. Range: 64-1500
Set the link detection interval time to ensure tunnel
connection. Range: 0-600.
Set the maximum times of retry to detect the L2TP connection
failure. Range: 0-10.
User can enter some other PPP initialization strings in this
field and separate the strings with blank space.
Table 4-2-8-6 L2TP Parameters
75
UR72 User Guide
4.2.8.5 PPTP
Point-to-Point Tunneling Protocol (PPTP) is a protocol that allows corporations to extend their own
corporate network through private "tunnels" over the public Internet. Effectively, a corporation uses a
wide-area network as a single large local area network.
Figure 4-2-8-7
PPTP
Item
Enable
Remote IP Address
Username
Password
Authentication
Global Traffic Forwarding
Remote Subnet
Remote Subnet Mask
Description
Enable PPTP client. A maximum of 3 tunnels is allowed.
Enter the public IP address or domain name of PPTP server.
Enter the username that PPTP server provides.
Enter the password that PPTP server provides.
Select from "Auto", "PAP", "CHAP", "MS-CHAPv1", and
"MS-CHAPv2".
All of the data traffic will be sent out via PPTP tunnel once
enable this function.
Set the peer subnet of PPTP.
Set the netmask of peer PPTP server.
Table 4-2-8-7 PPTP Parameters
76
UR72 User Guide
Figure 4-2-8-8
PPTP Advanced Settings
Item
Local IP Address
Peer IP Address
Enable NAT
Enable MPPE
Address/Control
Compression
Protocol Field
Compression
Asyncmap Value
MRU
MTU
Link Detection Interval (s)
Max Retries
Expert Options
Description
Set IP address of PPTP client.
Enter tunnel IP address of PPTP server.
Enable the NAT faction of PPTP.
Enable MPPE encryption.
For PPP initialization. User can keep the default option.
For PPP initialization. User can keep the default option.
One of the PPP protocol initialization strings. User can keep
the default value. Range: 0-ffffffff.
Enter the maximum receive unit. Range: 0-1500.
Enter the maximum transmission unit. Range: 0-1500.
Set the link detection interval time to ensure tunnel
connection. Range: 0-600.
Set the maximum times of retrying to detect the PPTP
connection failure. Range: 0-10.
User can enter some other PPP initialization strings in this
field and separate the strings with blank space.
Table 4-2-8-8 PPTP Parameters
77
UR72 User Guide
Related Configuration Example
PPTP Application Example
4.2.8.6 OpenVPN Client
OpenVPN is an open source virtual private network (VPN) product that offers a simplified security
framework, modular network design, and cross-platform portability.
Advantages of OpenVPN include:
- Security provisions that function against both active and passive attacks.
- Compatibility with all major operating systems.
- High speed (1.4 megabytes per second typically).
- Ability to configure multiple servers to handle numerous connections simultaneously.
- All encryption and authentication features of the OpenSSL library.
- Advanced bandwidth management.
- A variety of tunneling options.
- Compatibility with smart cards that support the Windows Crypt application program interface (API).
Figure 4-2-8-9
78
UR72 User Guide
OpenVPN Client
Item
Enable
Protocol
Remote IP Address
Port
Interface
Authentication
Local Tunnel IP
Remote Tunnel IP
Global Traffic
Forwarding
Enable TLS
Authentication
Username
Password
Enable NAT
Compression
Link Detection Interval
(s)
Link Detection Timeout
(s)
Cipher
MTU
Max Frame Size
Verbose Level
Expert Options
Local Route
Subnet
Subnet Mask
Description
Enable OpenVPN client. A maximum of 3 tunnels is allowed.
Select from "UDP" and "TCP".
Enter remote OpenVPN server's IP address or domain name.
Enter the listening port number of remote OpenVPN server.
Range: 1-65535.
Select from "tun" and "tap".
Select from "None", "Pre-shared", "Username/Password",
"X.509 cert", and "X.509 cert+user".
Set local tunnel address.
Enter remote tunnel address.
All the data traffic will be sent out via OpenVPN tunnel when
this function is enabled.
Check to enable TLS authentication.
Enter username provided by OpenVPN server.
Enter password provided by OpenVPN server.
Enable NAT traversal function.
Select LZO to compress data.
Set link detection interval time to ensure tunnel connection.
Range: 10-1800.
Set link detection timeout. OpenVPN will be reestablished after
timeout. Range: 60-3600.
Select from "NONE", "BF-CBC", "DE-CBC", "DES-EDE3-CBC",
"AES-128-CBC", "AES-192-CBC" and "AES-256-CBC".
Enter the maximum transmission unit. Range: 128-1500.
Set the maximum frame size. Range: 128-1500.
Select from "ERROR", "WARING", "NOTICE" and "DEBUG".
User can enter some other PPP initialization strings in this field
and separate the strings with blank space.
Set the local route's IP address.
Set the local route's netmask.
Table 4-2-8-9 OpenVPN Client Parameters
79
UR72 User Guide
4.2.8.7 OpenVPN Server
The UR72 supports OpenVPN server to create secure point-to-point or site-to-site connections in routed
or bridged configurations and remote access facilities.
Figure 4-2-8-10
Figure 4-2-8-11
80
UR72 User Guide
OpenVPN Server
Item
Enable
Protocol
Port
Listening IP
Interface
Authentication
Local Virtual IP
Remote Virtual IP
Client Subnet
Client Netmask
Renegotiation
Interval(s)
Max Clients
Enable CRL
Enable Client to Client
Enable Dup Client
Enable NAT
Compression
Link Detection Interval
Cipher
MTU
Max Frame Size
Verbose Level
Expert Options
Local Route
Subnet
Netmask
Account
Username & Password
Description
Enable/disable OpenVPN server.
Select from TCP and UDP.
Fill in listening port number. Range: 1-65535.
Enter WAN IP address or LAN IP address. Leaving it blank refers
to all active WAN IP and LAN IP address.
Select from " tun" and "tap".
Select from "None", "Pre-shared", "Username/Password",
"X.509 cert" and "X. 509 cert +user".
The local tunnel address of OpenVPN's tunnel.
The remote tunnel address of OpenVPN's tunnel.
Local subnet IP address of OpenVPN client.
Local netmask of OpenVPN client.
Set interval for renegotiation. Range: 0-86400.
Maximum OpenVPN client number. Range: 1-128.
Enable CRL
Allow access between different OpenVPN clients.
Allow multiple users to use the same certification.
Check to enable the NAT traversal function.
Select "LZO" to compress data.
Set link detection interval time to ensure tunnel connection.
Range: 10-1800.
Select from "NONE", "BF-CBC", "DES-CBC", "DES-EDE3-CBC",
"AES-128-CBC", "AES-192-CBC" and "AES-256-CBC".
Enter the maximum transmission unit. Range: 64-1500.
Set the maximum frame size. Range: 64-1500.
Select from "ERROR", "WARING", "NOTICE" and "DEBUG".
User can enter some other PPP initialization strings in this field
and separate the strings with blank space.
The real local IP address of OpenVPN client.
The real local netmask of OpenVPN client.
Set username and password for OpenVPN client.
Table 4-2-8-10 OpenVPN Server Parameters
81
UR72 User Guide
4.2.8.8 Certifications
User can import/export certificate and key files for OpenVPN and IPsec on this page.
Figure 4-2-8-12
OpenVPN Client
Item
CA
Public Key
Private Key
TA
Preshared Key
PKCS12
Description
Import/Export CA certificate file.
Import/Export public key file.
Import/Export private key file.
Import/Export TA key file.
Import/Export static key file.
Import/Export PKCS12 certificate file.
Table 4-2-8-11 OpenVPN Client Certification Parameters
Figure 4-2-8-13
82
UR72 User Guide
OpenVPN Server
Item
CA
Public Key
Private Key
DH
TA
CRL
Preshared Key
Description
Import/Export CA certificate file.
Import/Export public key file.
Import/Export private key file.
Import/Export DH key file.
Import/Export TA key file.
Import/Export CRL.
Import/Export static key file.
Table 4-2-8-12 OpenVPN Server Parameters
Figure 4-2-8-14
OpenVPN Server
Item
CA
Client Key
Server Key
Private Key
CRL
Description
Import/Export CA certificate.
Import/Export client key.
Import/Export server key.
Import/Export private key.
Import/Export certificate recovery list.
Table 4-2-8-13 IPsec Parameters
4.3 System
This section describes how to configure general settings, such as administration account, access service,
system time, common user management, SNMP, AAA, event alarms, etc.
4.3.1 General Settings
4.3.1.1 General
General settings include system info, access service and HTTPS certificates.
83
UR72 User Guide
Figure 4-3-1-1
General
Item
System
Hostname
Web Login
Timeout (s)
Access Service
Local
Port
Remote
HTTP
HTTPS
TELNET
SSH
Description
Default
User-defined router name, needs to start with a letter.
URSA
You need to log in again if it times out. Range: 100-3600.
1800
Access the router locally.
Set port number of the services. Range: 1-65535.
Access the router remotely.
Users can log in the device locally via HTTP to access and
control it through Web after the option is checked.
Users can log in the device locally and remotely via
HTTPS to access and control it through Web after option
is checked.
Users can log in the device locally and remotely via
Telnet after the option is checked.
Users can log in the device locally and remotely via SSH
after the option is checked.
Enable
-Disable
80
8088
8023
8022
Table 4-3-1-1 General Setting Parameters
84
UR72 User Guide
Item
Description
HTTPS Certificates
Click "Browse" button, choose certificate file on the PC,
and then click "Import" button to upload the file into
Certificate
router. Click "Export" button will export the file to the
PC. Click "Delete" button will delete the file.
Click "Browse" button, choose key file on the PC, and
then click "Import" button to upload the file into router.
Key
Click "Export" button will export file to the PC.
Click "Delete" button will delete the file.
Default
--
--
Table 4-3-1-2 General Setting Parameters
4.3.1.2 Account Management
Here you can change the login username and password of the administrator.
Note: it is strongly recommended that you modify them for the sake of security.
Figure 4-3-1-2
Account
Item
Username
Old Password
New Password
Confirm New Password
Description
Enter a new username. You can use characters such as a-z,
0-9, "_", "-", "$". The first character can't be a digit.
Enter the old password.
Enter a new password.
Enter the new password again.
Table 4-3-1-3 Account Information
Related Configuration Example
Account Info Management
4.3.1.3 System Time
This section explains how to set the system time including time zone and time synchronization type.
85
UR72 User Guide
Note: to ensure that the router runs with the correct time, it’s recommended that you set the system
time when configuring the router.
Figure 4-3-1-3
Figure 4-3-1-4
Figure 4-3-1-5
System Time
Item
Current Time
Time Zone
Sync Type
Description
Show the current system time.
Click the drop down list to select the time zone you are in.
Click the drop down list to select the time synchronization
86
UR72 User Guide
Sync with Browser
Browser Time
Set up Manually
Sync with NTP Server
Sync with NTP Server
NTP Server Address
Enable NTP Server
type.
Synchronize time with browser.
Show the current time of browser.
Manually configure the system time.
Synchronize time with NTP server so as to achieve time
synchronization of all devices equipped with a clock on
network.
Set NTP server address (domain name/IP).
NTP client on the network can achieve time synchronization
with router after "Enable NTP Server" option is checked.
Table 4-3-1-4 System Time Parameters
Related Configuration Example
System Time Management
4.3.1.4 SMTP
SMTP, short for Simple Mail Transfer Protocol, is a TCP/IP protocol used in sending and receiving e-mail.
This section describes how to configure email settings.
Figure 4-3-1-6
SMTP
Item
SMTP Client Settings
Description
87
UR72 User Guide
Enable
Email Address
Password
SMTP Server Address
Port
Enable TLS
Email Recipients
Email Address
Test
Enable or disable SMTP client function.
Enter the sender's email account.
Enter the sender's email password.
Enter SMTP server's domain name.
Enter SMTP server port. Range: 1-65535.
Enable or disable TLS encryption.
Add recipients' email address.
Check if the recipients can get the mail from sender.
Table 4-3-1-5 SMTP Setting
Related Topics
DI Setting
Events Setting
Events Application Example
4.3.1.5 Phone
Phone settings involve in call/SMS trigger and SMS alarm for events.
1. Add phone list.
2. Select phone numbers and add them to the phone group.
3. Go to “Network > Interface > Cellular > Connection Mode > Connect on Demand > Trigger by Call /
Trigger by SMS” or go to “System > Events > Event Settings > SMS” and then select the phone group
ID.
Figure 4-3-1-7
88
UR72 User Guide
Phone
Item
Phone Number List
Number
Description
Phone Group
Group ID
Description
List
Selected
Description
Enter the telephone number. Digits, "+" and "-" are allowed.
The description of the telephone number.
Set number for phone group. Range: 1-100.
The description of the phone group.
Show the phone list.
Show the selected phone number.
Table 4-3-1-6 Phone Settings
Related Topic
Connect on Demand
4.3.1.6 Storage
You can view Micro SD card and SSD storage information on this page.
Figure 4-3-1-8
Storage
Item
Status
Storage
(Capacity/Available)
Format
Description
Show the status of Micro SD card or SSD, such as “Available” or
“Not Inserted”.
The total capacity of the Micro SD Card or SSD.
Format the Micro SD card or SSD.
Table 4-3-1-7 Storage Information
89
UR72 User Guide
4.3.2 User Management
This section describes how to create common user accounts.
The common user permission includes Read-Only and Read-Write.
Figure 4-3-2-1
User Management
Item
Username
Password
Permission
Description
Enter a new username. You can use characters such as a-z, 0-9, "_", "-", "$".
The first character can't be a digit.
Set password.
Select user permission from “Read-Only” and “Read-Write”.
- Read-Only: users can only view the configuration of router in this level.
- Read-Write: users can view and set the configuration of router in this
level.
Table 4-3-2-1 User Management
Related Configuration Example
Common User Management
4.3.3 SNMP
SNMP is widely used in network management for network monitoring. SNMP exposes management data
with variables form in managed system. The system is organized in a management information base (MIB)
which describes the system status and configuration. These variables can be remotely queried by
managing applications.
Configuring SNMP in networking, NMS, and a management program of SNMP should be set up at the
Manager.
Configuration steps are listed as below for achieving query from NMS:
1. Enable SNMP setting.
2. Download MIB file and load it into NMS.
3. Configure MIB View.
4. Configure VCAM.
Related Configuration Example
SNMP Application Example
90
UR72 User Guide
4.3.3.1 SNMP
The UR72 supports SNMPv1, SNMPv2c and SNMPv3 version. SNMPv1 and SNMPv2c employ community
name authentication. SNMPv3 employs authentication encryption by username and password.
Figure 4-4-3-1
SNMP Settings
Item
Enable
Port
SNMP Version
Location Information
Contact Information
Description
Enable or disable SNMP function.
Set SNMP listened port. Range: 1-65535. The default port is 161.
Select SNMP version; support SNMP v1/v2c/v3.
Fill in the location information.
Fill in the contact information.
Table 4-4-3-1 SNMP Parameters
4.3.3.2 MIB View
This section explains how to configure MIB view for the objects.
Figure 4-4-3-2
91
UR72 User Guide
MIB View
Item
View Name
View Filter
View OID
Included
Excluded
Description
Set MIB view's name.
Select from "Included" and "Excluded".
Enter the OID number.
You can query all nodes within the specified MIB node.
You can query all nodes except for the specified MIB node.
Table 4-3-3-2 MIB View Parameters
4.3.3.3 VACM
This section describes how to configure VCAM parameters.
Figure 4-3-3-3
VACM
Item
SNMP v1 & v2 User List
Community
Permission
MIB View
Network
Read-Write
Read-Only
SNMP v3 User List
Group Name
Security Level
Read-Only View
Read-Write View
Inform View
Description
Set the community name.
Select from "Read-Only" and "Read-Write".
Select an MIB view to set permissions from the MIB view list.
The IP address and bits of the external network accessing the
MIB view.
The permission of the specified MIB node is read and write.
The permission of the specified MIB node is read only.
Set the name of SNMPv3 group.
Select from "NoAuth/NoPriv", "Auth/NoPriv", and " Auth/Priv".
Select an MIB view to set permission as "Read-only" from the
MIB view list.
Select an MIB view to set permission as "Read-write" from the
MIB view list.
Select an MIB view to set permission as "Inform" from the MIB
view list.
Table 4-3-3-3 VACM Parameters
92
UR72 User Guide
4.3.3.4 Trap
This section explains how to enable network monitoring by SNMP trap.
Figure 4-3-3-4
SNMP Trap
Item
Enable
SNMP Version
Server Address
Port
Name
Auth/Priv Mode
Description
Enable or disable SNMP Trap function.
Select SNMP version; support SNMP v1/v2c/v3.
Fill in NMS's IP address or domain name.
Fill in UDP port. Port range is 1-65535. The default port is 162.
Fill in the group name when using SNMP v1/v2c; fill in the
username when using SNMP v3.
Select from "NoAuth & No Priv", "Auth & NoPriv", and "Auth &
Priv".
Table 4-3-3-4 Trap Parameters
4.3.3.5 MIB
This section describes how to download MIB files. The last MIB file “URSA-ROUTER-MIB.txt” is for the
UR72 router.
Figure 4-3-3-5
MIB
Item
MIB File
Download
Description
Select the MIB file you need.
Click "Download" button to download the MIB file to PC.
Table 4-3-3-5 MIB Download
93
UR72 User Guide
4.3.4 AAA
AAA access control is used for visitors control and the available corresponding services once access is
allowed. It adopts the same method to configure three independent safety functions. It provides
modularization methods for following services:
- Authentication: verify if the user is qualified to access to the network.
- Authorization: authorize related services available for the user.
- Charging: record the utilization of network resources.
4.3.4.1 Radius
Using UDP for its transport, Radius is generally applied in various network environments with higher
requirements of security and permission of remote user access.
Figure 4-3-4-1
Radius
Item
Enable
Server IP Address
Server Port
Key
Description
Enable or disable Radius.
Fill in the Radius server IP address/domain name.
Fill in the Radius server port. Range: 1-65535.
Fill in the key consistent with that of Radius server in order to
get connected with Radius server.
Table 4-3-4-1 Radius Parameters
4.3.4.2 TACACS+
Using TCP for its transport, TACACS+ is mainly used for authentication, authorization and charging of the
access users and terminal users by adopting PPP and VPDN.
94
UR72 User Guide
Figure 4-3-4-2
TACACS+
Item
Enable
Server IP Address
Server Port
Key
Description
Enable or disable TACACS+.
Fill in the TACACS+ server IP address/domain name.
Fill in the TACACS+ server port. Range: 1-65535.
Fill in the key consistent with that of TACACS+ server in order
to get connected with TACACS+ server.
Table 4-3-4-2 TACACS+ Parameters
4.3.4.3 LDAP
A common usage of LDAP is to provide a central place to store usernames and passwords. This allows
many different applications and services to connect the LDAP server to validate users.
LDAP is based on a simpler subset of the standards contained within the X.500 standard. Because of this
relationship, LDAP is sometimes called X.500-lite as well.
Figure 4-3-4-3
95
UR72 User Guide
LDAP
Item
Enable
Server IP Address
Server Port
Base DN
Security
Username
Password
Description
Enable or Disable LDAP.
Fill in the LDAP server's IP address/domain name. The
maximum count is 10.
Fill in the LDAP server's port. Range: 1-65535
The top of LDAP directory tree.
Select secure method from "None", "StartTLS" and "SSL".
Enter the username to access the server.
Enter the password to access the server.
Table 4-3-4-3 LDAP Parameters
4.3.4.4 Authentication
AAA supports the following authentication ways:
- None: uses no authentication, generally not recommended.
- Local: uses the local username database for authentication.

Advantages: rapidness, cost reduction.

Disadvantages: storage capacity limited by hardware.
- Remote: has user’s information stored on authentication server. Radius, TACACS+ and LDAP supported
for remote authentication.
When radius, TACACS+, and local are configured at the same time, the priority level is: 1 >2 >3.
Figure 4-3-4-4
Authentication
Item
Console
Web
Telnet
SSH
Description
Select authentication for Console access.
Select authentication for Web access.
Select authentication for Telnet access.
Select authentication for SSH access.
Table 4-3-4-4 Authentication Parameters
96
UR72 User Guide
4.3.5 Device Management
You can connect the device to the device management platform on this page so as to manage the router.
Figure 4-3-5-1
Device Management
Item
Status
Disconnected
Activation Server Address
Device Management
Server Address
Activation Method
Authentication Code
ID
Password
Description
Show the connection status between the router and device
management platform.
Click this button to disconnect the router from the device
management platform.
IP address or domain of the device management server.
The URL address for the device to connect to the device
management service, e.g. http://220.82.63.79:8080/acs.
Select activation method to connect the router to the device
management server, options are "By Authentication ID" and
"By ID".
Fill in the authentication code generated from the device
management platform .
Fill in the registered device management account (email) and
password.
Table 4-3-5-1
4.3.6 Events
Event feature is capable of sending alerts by Email when certain system events occur.
4.3.6.1 Events
You can view alarm messages on this page.
97
UR72 User Guide
Figure 4-3-6-1
Events
Item
Mark as Read
Delete
Mark All as Read
Delete All Alarms
Status
Type
Time
Message
Description
Mark the selected event alarm as read.
Delete the selected event alarm.
Mark all event alarms as read.
Delete all event alarms.
Show the reading status of the event alarms, such as “Read” and “Unread”.
Show the event type that should be alarmed.
Show the alarm time.
Show the alarm content.
Table 4-3-6-1 Events Parameters
4.3.6.2 Events Settings
In this section, you can decide what events to record and whether you want to receive email and SMS
notifications when any change occurs.
Figure 4-3-6-2
98
UR72 User Guide
Event Settings
Item
Enable
Cellular Up
Cellular Down
WAN Up
WAN Down
VPN Up
VPN Down
Record
Email
Email Setting
SMS
SMS Setting
Phone Group List
Description
Check to enable "Events Settings".
Cellular network is connected.
Cellular network is disconnected.
Ethernet cable is connected to WAN port.
Ethernet cable is disconnected to WAN port.
VPN is connected.
VPN is disconnected.
The relevant content of event alarm will be recorded on
"Event" page if this option is checked.
The relevant content of event alarm will be sent out via email if
this option is checked.
Click and you will be redirected to the page "SMTP" to
configure the sender's & recipients' info.
The relevant content of event alarm will be sent out via SMS if
this option is checked.
Click and you will be redirected to the page of "Phone" to
configure phone group list.
Select phone group to receive SMS alarm.
Table 4-3-6-2 Events Parameters
Related Topics
Email Setting
Events Application Example
4.4 Industrial Interface
The UR72 router is capable of connecting with terminals through industrial interfaces so as to realize
wireless communication between terminals and remote data center.
There are two types of the router’s industrial interface: serial port (RS232 and RS485) and I/O (digital
input and digital output).
Figure 4-4-1 Pinouts
99
UR72 User Guide
PIN
1
2
3
4
5
6
7
8
9
10
RS232*1
TXD
RXD
----GND
-----------
RS485*1
----A
B
-------------
DI*2
--------GND
IN1
IN2
-------
DO*2
--------------OUT1
OUT2
COM
Description
Transmit Data
Receive Data
Data +
Data Ground
Digital Input1
Digital Input2
Digital Output1
Digital Output2
Common Ground
Table 4-4-1 Pinouts Definition
RS232 adopts full-duplex communication. It’s generally used for communication within 20m.
RS485 adopts half-duplex communication to achieve transmission of serial communication data with
distance up to 1200 m.
Digital input of I/O interface is a logical variable or switch variable with only two values of 0 and 1. “0”
refers to low level and “1” refers to high level .
4.4.1 I/O
4.4.1.1 DI
This section explains how to configure monitoring condition on digital input, and take certain actions once
the condition is reached.
Figure 4-4-1-1
100
UR72 User Guide
DI
Item
Enable
Mode
Duration (ms)
Condition
Low->High
High->Low
Counter
Action
SMS
Phone
Content
Email
DO1
DO2
Cellular UP
Description
Enable or disable DI.
Options are "High Level", "Low Level", and "Counter".
Set the duration of high/low level in digital input. Range:
1-10000.
Select from "Low->High", and "High-> Low".
The counter value will increase by 1 if digital input's status
changes from low level to high level.
The counter value will increase by 1 if digital input's status
changes from high level to low level.
The system will take actions accordingly when the counter
value reach the preset one, and then reset the counter value
to 0. Range: 1-100.
Select the corresponding actions that the system will take
when digital input mode meets the preset condition or
duration.
Check to enable SMS alarm.
Set phone number to receive SMS alarm.
Set the content of SMS alarm.
Check to enable Email alarm.
Control output status of DO1.
Control output status of DO2.
Trigger the router to switch from offline mode to cellular
network mode.
Table 4-4-1-1 DI Parameters
Related Topics
DO Setting
Email Setting
Connect on Demand
101
UR72 User Guide
4.4.1.2 DO
This section describes how to configure digital output mode.
Figure 4-4-1-2
DO
Item
Enable
Mode
Duration (*10ms)
Initial Status
Duration of High Level (*10ms)
Duration of Low Level (*10ms)
The Number of Pulse
Alarm Source
Description
Enable or disable DO.
Select from "High Level", "Low Level", and "Pulse".
Set duration of high/low level on digital output. Range: 1-10000.
Select high level or low level as the initial status of the pulse.
Set the duration of pulse's high level. Range: 1-10000.
Set the duration of pulse's low level. Range: 1-10000.
Set the quantity of pulse. Range: 1-100.
Select alarm source between "DI1" and "DI2".
Table 4-4-1-2 DO Settings
Related Topics
DI Setting
4.4.2 Serial Port
Serial 1 is used for RS232 and Serial 2 for RS485 by default.
This section explains how to configure serial port parameters to achieve communication with serial
terminals, and configure work mode to achieve communication with the remote data center, so as to
achieve two-way communication between serial terminals and remote data center.
102
UR72 User Guide
Figure 4-4-2-1
Serial Settings
Item
Description
Enable
Enable or disable serial port function.
Serial Type
Serial Port 1 is a RS232 port. Serial Port 2 is a RS485 port.
Range is 300-230400. Same with the baud rate of the
Baud Rate
connected terminal device.
Options are “8” and “7”. Same with the data bits of the
Data Bits
connected terminal device.
Options are “1” and “2”. Same with the stop bits of the
Stop Bits
connected terminal device.
Options are “None”, “Odd” and “Even”. Same with the
Parity
parity of the connected terminal device.
Software
Enable or disable software flow control.
Flow Control
Select work mode of the serial port. Options are "DTU
Serial Mode
Mode" and "GPS".
In DTU Mode, the serial port can establish communication
DTU Mode
with the remote server/client.
In GPS mode, go to "Industrial > GPS > GPS Serial
GPS
Forwarding" to select corresponding Serial Type, then GPS
data will be forwarded to this serial port.
Default
Disable
-9600
8
1
None
Disable
Disable
---
Table 4-4-2-1 Serial Parameters
103
UR72 User Guide
Figure 4-4-2-2
DTU Mode
Item
DTU Protocol
TCP Server
Listening port
Keepalive Interval
Keepalive Retry
Times
Packet Size
Serial Frame
Interval
Description
Select from "None", "Transparent", "Modbus", and "TCP server".
- Transparent: the routed is used as TCP client/UDP and transmits
data transparently.
- TCP server: the router is used as TCP server and transmits data
transparently.
- Modbus: the router will be used as TCP server with modbus
gateway function, which can achieve conversion between Modbus
RTU and Modbus TCP.
Default
Set the router listening port. Range: 1-65535.
After TCP connection is established, client will send heartbeat packet
regularly by TCP to keep alive. The interval range is 1-3600 in seconds.
When TCP heartbeat times out, router will resend heartbeat. After it
reaches the preset retry times, TCP connection will be reestablished.
The retry times range is 1-16.
Set the size of the serial data frame. Packet will be sent out when
preset frame size is reached. The size range is 1-1024. The unit is byte.
The interval that the router sends out real serial data stored in the
buffer area to public network. The range is 10-65535, in milliseconds.
Note: data will be sent out to public network when real serial data size
reaches the preset packet size, even though it's within the serial frame
interval.
502
75
--
9
1024
100
Table 4-4-2-2 DTU Parameters
104
UR72 User Guide
Item
Transparent
Protocol
Keepalive Interval
(s)
Keepalive Retry
Times
Packet Size
Serial Frame
Interval
Reconnect Interval
Specific Protocol
Heartbeat Interval
ID
Register String
Server Address
Server Port
Status
Modbus
Local Port
Description
Default
Select "TCP" or "UDP" protocol.
After TCP client is connected with TCP server, the client will send
heartbeat packet by TCP regularly to keep alive. The interval range
is 1-3600, in seconds.
When TCP heartbeat times out, the router will resend heartbeat.
After it reaches the preset retry times, router will reconnect to
TCP server. The range is 1-16.
Set the size of the serial data frame. Packet will be sent out when
preset frame size is reached. The range is 1-1024. The unit is byte.
The interval that the router sends out real serial data stored in the
buffer area to public network. The range is 10-65535, in
milliseconds.
Note: data will be sent out to public network when real serial data
size reaches the preset packet size, even though it's within the
serial frame interval.
After connection failure, router will reconnect to the server at the
preset interval, in seconds. The range is 10-60.
By Specific Protocol, the router will be able to connect to the
TCP2COM software.
By Specific Protocol, the router will send heartbeat packet to the
server regularly to keep alive. The interval range is 1-3600, in
seconds.
Define unique ID of each router. No longer than 63 characters
without space character.
Define register string for connection with the server.
Fill in the TCP or UDP server address (IP/domain name).
Fill in the TCP or UDP server port. Range: 1-65535.
Show the connection status between the router and the server.
TCP
Set the router listening port. Range: 1-65535.
75
9
1024
100
10
-30
-Null
Null
Null
--
502
Table 4-4-2-3 DTU Parameters
Related Configuration Example
DTU Application Example
4.4.3 Modbus TCP
This section describes how to achieve I/O status via Modbus TCP and Modbus RTU over TCP.
105
UR72 User Guide
4.4.3.1 Modbus TCP
You can define the address of the DI and DO ports so as to poll DI’s status and control DO’s status via
Modbus TCP protocol.
Figure 4-4-3-1
Modbus TCP
Item
Enable
Port
DI_1 Address
DI_2 Address
DO_1 Address
DO_2 Address
Description
Enable/disable Modbus TCP.
Set the router listening port. Range: 1-65535.
Define the address of DI_1, range: 0-255.
Define the address of DI_2, range: 0-255.
Define the address of DO_1, range: 0-255.
Define the address of DO_2, range: 0-255.
Default
Disable
502
0
1
0
1
Table 4-4-3-1 Modbus TCP Parameters
4.4.4 Modbus Master
UR71 Router can be set as Modbus Master to poll the remote Modbus Slave and send alarm according to
the response.
4.4.4.1 Modbus Master
You can configure Modbus Master’s parameters on this page.
106
UR72 User Guide
Figure 4-4-4-1
Modbus Master
Item
Enable
Description
Enable/disable Modbus master.
Set the interval for reading remote channels. When the read
cycle ends, the commands which haven't been sent out will be
Read Interval/s
discard, and the new read cycle begins. If it is set to 0, the
device will restart the new read cycle after all channels have
been read. Range: 0-600.
Max. Retries
Set the maximum retry times after it fails to read, range: 0-5.
Set the maximum response time that the router waits for the
response to the command. If the device does not get a
Max. Response Time/ms
response after the maximum response time, it's determined
that the command has timed out. Range: 10-1000.
The execution interval between each command. Range:
Execution Interval/ms
10-1000.
Default
--
0
3
500
50
Table 4-4-4-1
4.4.4.2 Channel
You can add the channels and configure alarm setting on this page, so as to connect the router to the
remote Modbus Slave to poll the address on this page and receive alarms from the router in different
conditions.
107
UR72 User Guide
Figure 4-4-4-2
Channel Setting
Item
Name
Slave ID
Address
Number
Type
Link
IP address
Port
Sign
Description
Set the name to identify the remote channel. It cannot be blank.
Set Modbus slave ID.
The starting address for reading.
The address number for reading.
Read command, options are "Coil", "Discrete", "Holding Register (INT16)", "Input
Register (INT16)", "Holding Register (INT32)" and "Holding Register (Float)".
Select TCP for transportation.
Fill in the IP address of the remote Modbus device.
Fill in the port of the remote Modbus device.
To identify whether this channel is signed. Default: Unsigned.
Table 4-4-4-2
108
UR72 User Guide
Figure 4-4-4-3
Alarm Setting
Item
Name
Condition
Min. Threshold
Max. Threshold
Alarm
Operation
SMS
Phone Group
Normal Content
Abnormal Content
Continuous Alarm
Description
Set the same name with the channel name to identify the remote channel.
The condition that triggers alert.
Set the min. value to trigger the alert. When the actual value is less than this
value, the alarm will be triggered.
Set the max. value to trigger the alert. When the actual value is more than this
value, the alarm will be triggered.
Select the alarm method, e.g SMS.
The preset alarm content will be sent to the specified phone number.
Select the phone group to receive the alarm SMS.
When the actual value is restored to the normal value from exceeding the
threshold value, the router will automatically cancel the abnormal alarm and
send the preset normal content to the specified phone group.
When the actual value exceeds the preset threshold, the router will
automatically trigger the alarm and send the preset abnormal content to the
specified phone group.
Once it is enabled, the same alarm will be continuously reported. Otherwise, the
same alarm will be reported only one time.
Table 4-4-4-3
109
UR72 User Guide
4.4.5 GPS
This section gives you a detailed introduction to GPS settings, including GPS IP forwarding and GPS serial
forwarding.
4.4.5.1 GPS
When you want to receive GPS data, you should enable GPS function on this page.
Figure 4-4-5-1
4.4.5.2 GPS IP Forwarding
GPS IP forwarding means that GPS data can be forwarded over the Internet.
Figure 4-4-5-2
110
UR72 User Guide
Figure 4-4-5-3
GPS IP Forwarding
Item
Description
Enable
Forward the GPS data to the client or server.
Select connection type of the router. The options are "Client"
Type
and "Server".
Select protocol of data transmission. The options are "TCP"
Protocol
and "UDP".
After it's connected with server/client, the router will send
Keepalive
heartbeat packet regularly to the server/client to keep alive.
Interval
The interval range is 1-3600, in seconds.
When TCP heartbeat times out, the router will resend
Keepalive
heartbeat. After it reaches the preset retry times, router will
Retry
reconnect to TCP server. The range is 1-16.
Local Port
Set the router listening port. Range: 1-65535.
Reconnect
After connection failure, router will reconnect to the server
Interval
at the preset interval, in seconds. The range is 10-60.
Report
Router will send GPS data to the server/client at the preset
Interval
interval, in seconds. The range is 1-60.
Include RMC Whether include RMC in GPS data.
Include GSA Whether include GSA in GPS data.
Include GGA Whether include GGA in GPS data.
Include GSV Whether include GSV in GPS data.
Message
Add a prefix to the GPS data.
Prefix
Message
Add a suffix to the GPS data.
Suffix
Destination IP Address
Server
Fill in the server address to receive GPS data (IP/domain
-Address
name).
Server Port
Fill in the port to receive GPS data. Range: 1-65535.
-Show the connection status between the router and the
-Status
server.
Default
Disable
Client
TCP
75
9
10
30
----Null
Null
Table 4-4-5-1 GPS IP Forwarding Parameters
4.4.5.3 GPS Serial Forwarding
GPS IP forwarding means that GPS data can be forwarded to the serial port.
111
UR72 User Guide
Figure 4-4-5-4
GPS Serial Forwarding
Item
Description
Enable
Forward the GPS data to the preset serial port.
Select the serial port to receive GPS data. The options are
Serial Type
"serial 1" and "serial 2".
Report
Router will forward the GPS data to the serial port at the
Interval
preset interval, in seconds. The range is 1-60.
Include RMC Whether include RMC in GPS data.
Include GSA Whether include GSA in GPS data.
Include GGA Whether include GGA in GPS data.
Include GSV Whether include GSV in GPS data.
Default
Disable
-30
-----
Table 4-4-5-2 GPS Serial Forwarding Parameters
4.5 Maintenance
This section describes system maintenance tools and management.
4.5.1 Tools
Troubleshooting tools includes ping and traceroute.
4.5.1.1 Ping
Ping tool is engineered to ping outer network.
112
UR72 User Guide
Figure 4-5-1-1
PING
Item
Host
Description
Ping outer network from the router.
Table 4-5-1-1 IP Ping Parameters
4.5.1.2 Traceroute
Traceroute tool is used for troubleshooting network routing failures.
Figure 4-5-1-2
Traceroute
Item
Description
Host
Address of the destination host to be detected.
Table 4-5-1-2 Traceroute Parameters
113
UR72 User Guide
4.5.2 Schedule
This section explains how to configure scheduled reboot on the router.
Figure 4-5-2-1
Schedule
Item
Description
Schedule
Reboot
Frequency
Hour & Minute
Select schedule type.
Reboot the router regularly.
Select the frequency to execute the schedule.
Select the time to execute the schedule.
Table 4-5-2-1 Schedule Parameters
Related Configuration Example
Schedule Application Example
4.5.3 Log
The system log contains a record of informational, error and warning events that indicates how the
system processes. By reviewing the data contained in the log, an administrator or user troubleshooting
the system can identify the cause of a problem or whether the system processes are loading successfully.
Remote log server is feasible, and router will upload all system logs to remote log server such as Syslog
Watcher.
Related Configuration Example
Logs and Diagnostics
4.5.3.1 System Log
This section describes how to download log file and view the recent log on web.
114
UR72 User Guide
Figure 4-5-3-1
System Log
Item
Description
Download
View recent (lines)
Clear Log
Download log file.
View the specified lines of system log.
Clear the current system log.
Table 4-5-3-1 System Log Parameter
4.5.3.2 Log Settings
This section explains how to enable remote log server and local log setting.
Figure 4-5-3-2
115
UR72 User Guide
Log Settings
Item
Remote Log Server
Enable
Syslog Server Address
Port
Local Log File
Storage
Size
Log Severity
Description
With “Remote Log Server” enabled, router will send all system
logs to the remote server.
Fill in the remote system log server address (IP/domain name).
Fill in the remote system log server port.
User can store the log file in memory or TF card.
Set the size of the log file to be stored.
The list of severities follows the syslog protocol.
Table 4-5-3-2 System Log Parameters
4.5.4 Upgrade
This section describes how to upgrade the router firmware via web. Generally you don’t need to do the
firmware upgrade.
Note: any operation on web page is not allowed during firmware upgrade, otherwise the upgrade will be
interrupted, or even the device will break down.
Figure 4-5-4-1
116
UR72 User Guide
Upgrade
Item
Firmware Version
Reset Configuration
to Factory Default
Upgrade Firmware
Description
Show the current firmware version.
When this option is checked, the router will be reset to factory defaults after
upgrade.
Click "Browse" button to select the new firmware file, and click "Upgrade" to
upgrade firmware.
Table 4-5-4-1 Upgrade Parameters
Related Configuration Example
Firmware Upgrade
4.5.5 Backup and Restore
This section explains how to create a complete backup of the system configurations to a file, restore the
config file to the router and reset to factory defaults.
Figure 4-5-5-1
Backup and Restore
Item
Config File
Description
Click "Browse" button to select configuration file, and then
click "Import" button to upload the configuration file to the
router.
117
UR72 User Guide
Backup
Reset
Click "Backup" to export the current configuration file to the
PC.
Click "Reset" button to reset factory default settings. Router
will restart after reset process is done.
Table 4-5-5-1 Backup and Restore Parameters
Related Configuration Example
Backup and Restore Configuration
Restore Factory Defaults
4.5.6 Reboot
On this page you can reboot the router and return to the login page. We strongly recommend clicking
“Save” button before rebooting the router so as to avoid losing the new configuration.
Figure 4-5-6-1
4.6 APP
4.6.1 Python
Python is an object-oriented programming language that has gained popularity because of its clear syntax
118
UR72 User Guide
and readability.
As an interpreted language, Python has a design philosophy that emphasizes code readability, notably
using whitespace indentation to delimit code blocks rather than curly brackets or keywords, and a syntax
that allows programmers to express concepts in fewer lines of code than it’s used in other languages such
as C++ or Java. The language provides constructs and intends to enable writing clear programs on both
small and large scale.
Users can use Python to quickly generate the prototype of the program, which can be the final interface
of the program, rewrite it with a more appropriate language, and then encapsulate the extended class
library that Python can call.
This section describes how to view the relevant running status such as App-manager, SDK version,
extended storage, etc. Also you can change the App-manager configuration, and import the Python App
package from here.
4.6.1.1 Python
Micro SD card/SSD must be installed for Python App.
Figure 4-6-1-1
Python
Item
AppManager Status
SDK Version
SDK Path
Available Storage
SDK Upload
Uninstall
View
Description
Show AppManager's running status, like "Uninstalled",
"Running" or "Stopped".
Show the version of the installed SDK.
Show the SDK installation path.
Select available storage such as Micro SD or SSD to install SDK.
Upload and install SDK for Python.
Uninstall SDK.
View application status managed by AppManager.
Table 4-6-1-1 Python Parameters
119
UR72 User Guide
4.6.1.2 App Manager Configuration
Figure 4-6-1-2
AppManager Configuration
Item
Description
After enabling Python AppManager, user can click "View" button on the "Python"
Enable
webpage to view the application status managed by AppManager.
App Management
ID
Show the ID of the imported App.
App Command
Show the name of the imported App.
Logfile Size(MB)
User-defined Logfile size. Range: 1-50.
Uninstall
Uninstall APP.
App Status
App Name
Show the name of the imported App.
App Version
Show the version of the imported App.
SDK Version
Show the SDK version which the imported App is based on.
Table 4-6-1-2 APP Manager Parameters
4.6.1.3 Python App
Figure 4-6-1-3
120
UR72 User Guide
Python APP
Item
App Package
App Name
App Configuration
Debug File
Debug Script
Description
Select App package and import.
Select App to import configuration.
Select configuration file and import.
Export script file.
Select Python script to be debugged and import.
Table 4-6-1-3 APP Parameters
121
UR72 User Guide
Chapter 5 Application Examples
5.1 Account Info Management
It is strongly recommended that you change the default username and password of the administrator
account when you log in Ursalink Router’s WEB GUI page at first time for the sake of security.
Example: change the username and password of administrator account to “uradmin” and “URpassword”.
The configuration procedures are listed as below.
1. Go to “System > General Settings > Account”.
2. Modify the username to “uradmin”, fill in the old Password “password”, and set the new Password
“URpassword”.
Click “Save” button, and then you will be asked to login again with the new username and password.
Related Topic
Account Management
5.2 Common User Management
The UR72 router is capable of creating up to 5 common user accounts that have different authorities,
including “Read-Only” and “Read-Write” to manage the router.
“Read-Only” refers to the authority that user is only allowed to view the configuration;
“Read-Write” refers to the authority that user can view and modify all the parameters.
Example: create 2 common user accounts listed below.
Username
ur_user1
ur_user2
Password
UR_password1
UR_password2
Permission
Read-Only
Read-Write
122
UR72 User Guide
Configuration procedures are listed as blow.
1. Go to “System > User Management > User Management”.
2. Click “ ” to add a new common user.
3. Set “Username”, “Password”, and “Permission” as below.
Click “Save” button, and then click “Apply” on the top-right corner to make the changes take effect.
Related Topic
User Management
5.3 System Time Management
There are 3 ways to synchronize the system time: “Sync with Browser”, “Set up Manually”, and “Sync with
NTP Server”.
Note: to ensure that the router runs with correct time, it’s recommended that you set the system time
when you configure the router.
In the following part we take UTC+8 time zone as an example.
A. Synchronize time with browser
Go to “System > General Settings > System Time”, set time zone as “8 China (Beijing)” and Sync Type as
“Sync with Browser”. And Click “Save” button.
123
UR72 User Guide
B.
Set up time by manual
1.
Go to “System > General Settings > System Time”, set time zone as “8 China (Beijing)” and Sync Type
as “Set up Manually”.
2.
Select the correct local time. And click “Save” button.
C.
Synchronize time with NTP server
1.
Go to “System > General Settings > System Time”, set time zone as “8 China (Beijing)” and Sync Type
as “Sync with NTP Server”.
2. Configure an available NTP server address such as “time.windows.com”.
Click “Save” button.
Related Topic
System Time Setting
124
UR72 User Guide
5.4 Backup and Restore Configuration
A. Backup Configuration
1. Go to “Maintenance > Backup and Restore > Backup and Restore”.
2. Click “Backup” button under “Backup running-config”.
Then the current configuration file will be downloaded to the “Downloads” folder of the PC.
B.
1.
2.
3.
Restore Configuration
Go to “Maintenance > Backup and Restore > Backup and Restore”.
Click “Browse” button under the “Restore” to select configuration file from PC.
Click “Import” to import the selected configuration file to the router.
Related Topic
Backup and Restore
125
UR72 User Guide
5.5 Restore Factory Defaults
5.5.1 Via Web Interface
1. Log in web interface, and go to “Maintenance > Backup and Restore”.
2. Click “Reset” button under the “Restore Factory Defaults”.
You will be asked to confirm if you’d like to reset it to factory defaults. Then click “Reset” button.
Then the router will reboot and restore to factory settings immediately.
126
UR72 User Guide
Please wait till the login page pops up again, which means the router has already been reset to factory
defaults successfully.
Related Topic
Restore Factory Defaults
5.5.2 Via Hardware
127
UR72 User Guide
Locate the reset button on the router, and take corresponding actions based on the status of STATS LED.
STATUS LED
Blinking
Static Green →
Rapidly Blinking
Off → Blinking
Action
Press and hold the reset button for more than 15 seconds.
Release the button and wait.
The router is now reset to factory defaults.
5.6 Firmware Upgrade
It is suggested that you contact Ursalink technical support first before you upgrade router firmware.
After getting firmware file from Ursalink technical support, please refer to the following steps to complete
the upgrade.
1. Go to “Maintenance > Upgrade”.
2. Click “Browse” and select the correct firmware file from the PC.
3. Click “Upgrade” and the router will check if the firmware file is correct. If it’s correct, the firmware
will be imported to the router, and then the router will start to upgrade.
128
UR72 User Guide
Related Topic
Upgrade
129
UR72 User Guide
5.7 Events Application Example
Example
In this section, we will take an example of sending alarm messages by email when the following events
occur and recording the event alarms on the Web GUI.
Events
Actions to make events occur (for test)
Cellular network is connected.
Insert SIM card.
Cellular network is disconnected.
Remove SIM card.
WAN cable is connected.
Plug WAN cable.
WAN cable is disconnected.
Unplug WAN cable.
Configuration Steps
1.
Go to “System > Events > Events Settings” and enable Event settings.
2.
Check corresponding events for record and email alarm, and then click “Save” button as below. Click
“Email Settings” and go to SMTP settings.
3.
Configure the corresponding parameters including email sending settings and recipients as below.
Click “Save” and “Apply” button to make the changes take effect.
130
UR72 User Guide
4.
To test the functionality of Alarm, please take the corresponding actions listed above.
It will send an alarm e-mail to you when the relevant event occurs.
Refresh the web GUI, go to “Events > Events”, and you will find the events records.
Related Topics
Events
Email Setting
5.8 Schedule Application Example
Through schedule configuration, the UR72 can be set to reboot at preset time every day.
Example
Configure router to reboot at 0:00 every day.
Configuration Steps
1.
Go to “Maintenance > Schedule > Schedule”.
131
UR72 User Guide
2.
Click “
” to set up a new schedule task as below.
3.
Click “Save” and “Apply” button.
Related Topic
Schedule Setting
5.9 Logs and Diagnostics
System log of the UR72 supports 3 types of output method, including Web and Remote Log Server.
Application 1
Obtain system log on Web.
Go to “Maintenance > Log > System log”, and you will see the log is listed in the box.
132
UR72 User Guide
Application 2
Send the system log to the remote syslog server.
Server IP: 110.22.14.43; Port: 514
Go to “Maintenance > Log > Log Settings” to configure the parameters as below.
Then click “Save” and “Apply” button.
Related Topic
System Log
5.10 SNMP Application Example
Before you configure SNMP parameters, please download the relevant “MIB” file from the UR72’s WEB
GUI first, and then upload it to any software or tool which supports standard SNMP protocol. Here we
take “ManageEngine MibBrowser Free Tool” as an example to access the router to query cellular
information.
1. Go to “System > SNMP > MIB” and download the MIB file “URSA-ROUTER-MIB.txt” to PC.
133
UR72 User Guide
2.
Start “ManageEngine MibBrowser Free Tool” on the PC. Click “File > Load MIB” on the menu bar.
Then select “BURSA-ROUTER-MIB.txt” file from PC and upload it to the software.
Click the “+” button beside “URSA-ROUTER-MIB”, which is under the “Loaded MibModules” menu, and find
“usCellularinfo”. And then you will see the OID of cellular info is “.1.3.6.1.4.1.50234”, which will be filled in the
MIB View settings.
3.
Go to “System > SNMP > SNMP” on the router’s WEB GUI. Check “Enable” option, then click “Save”
button.
134
UR72 User Guide
4. Go to “System > SNMP > MIB View”. Click
to add a new MIB view and define the view to be
accessed from the outside network. Then click “Save” button.
5.
Go to “System > SNMP > VACM”. Click
to add a new VACM setting to define the access authority
for the specified view from the specified outside network. Click “Save” and “Apply” to make the
changes take effect.
135
UR72 User Guide
6.
Go to MibBrowser, enter host IP address, port and community. Right click “usCellular CurrentSim”
and then click “GET”. Then you will get the current SIM info on the result box. You can get other
cellular info in the same way.
Related Topic
SNMP
5.11 LAN Management
In LAN Settings, you can configure IP and other parameters of the Ethernet ports which are set as “LAN”.
Example
GE 1 port of UR72 is configured as “LAN”. Parameters are listed below.
Interface
GE 1
IP Address
192.168.1.1
Netmask
255.255.255.0
MTU
1500
Configuration Steps
1. Go to “Network > Interface > LAN” to set parameters as below.
136
UR72 User Guide
2. Click “Save & Apply” button to make the changes take effect.
Related Topics
LAN Setting
LAN Status
5.12 Network Connection
5.12.1 Cellular Connection
The UR72 routers have two cellular interfaces, named SIM1 & SIM2. Only one cellular interface is active at
one time. If both cellular interfaces are enabled, SIM1 interface takes precedence as default.
Example
We are about to take an example of inserting a SIM card into SIM1 slot of the UR72 and configuring the
router to get Internet access through cellular.
Configuration Steps
1. Go to “Network > Interface > Cellular > Cellular Setting” and configure the cellular info.
2. Enable SIM1.
3. Choose relevant network type. "Auto", "4G First", “4G Only”, "3G First", “3G Only”, “2G First” and
"2G only" are optional.
137
UR72 User Guide
Click “Save” and “Apply” for configuration to take effect.
Note:
If you select “Auto”, the router will obtain ISP information from SIM card to set APN, Username, and
Password automatically. This option will only be taken effect when the SIM card is issued from
well-known ISP.
If you select “4G First” or “4G Only”, you can click “Save” to finish the configuration directly.
If you select “3G First”, “3G Only”, “2G First” or “2G Only”, you should manually configure APN,
Username, Password, and Access Number.
4. Check the cellular connection status by WEB GUI of router.
Click “Status > Cellular” to view the status of the cellular connection. If it shows 'Connected', SIM1 has
dialed up successfully.
138
UR72 User Guide
5.
Check out if network works properly by browser on PC.
Open your preferred browser on PC, type any available web address into address bar and see if it is able
to visit Internet via the UR72 router.
Related Topic
Cellular Setting
Cellular Status
5.12.2 Ethernet WAN Connection
When both “WAN” and “Cellular” interfaces are enabled and available, cellular interfaces will take
precedence by default.
Example
GE 0 of the UR72 is configured as “WAN”, and the port is connected with Ethernet cable to get Internet
access.
Configuration Steps
1. Go to “Network > Interface > Cellular” and disable “SIM1” and “SIM2”. Then click “Save” button.
139
UR72 User Guide
2.
Go to “Network > Interface > WAN” to configure WAN parameters. The following examples of static
IP type, DHCP Client type, and PPPoE type are listed for your reference.
(1) Static IP
(2) DHCP Client
140
UR72 User Guide
(3) PPPoE
141
UR72 User Guide
Note: if you select PPPoE type, please check the “Username” & “Password” with your local ISP.
Click “Save & Apply” button to make the changes take effect.
Related Topic
WAN Setting
WAN Status
5.13 WAN Failover/Backup Application Example
5.13.1 Dual SIM Backup
Example
In this section we will take an example of inserting two SIM cards into the UR72. When one SIM fails,
router will try to connect with the other SIM as backup link.
Configuration Steps
1. Go to “Network > Interface > Cellular” to enable SIM1 and SIM2. Leave the network type as “Auto”
by default.
2.
Enable “Dual SIM Strategy”, and configure the corresponding options as below. ICMP server can be
configured as any reachable IP address.
142
UR72 User Guide
Then click “Save” and “Apply” button.
3.
Go to “Status > Cellular”, and you will see the router is connected to the network via SIM1.
143
UR72 User Guide
4.
You can remove SIM1 to make the router fail to connect to network via it. Go to “Status > Cellular”
again, and you will see the router is connected to the network through SIM2.
Now SIM2 becomes the main SIM, and SIM1 runs as the backup.
The router won’t reconnect via SIM1 until SIM2 fails.
Related Topic
Cellular Setting
Cellular Status
5.13.2 WAN Failover
WAN failover involves in Ethernet WAN interface and cellular interface. Either can be used as main WAN
interface. If the main interface fails, the router will automatically failover to the backup interface until the
main interface functions properly again.
Application Example
An UR72 router is connected with PC via GE 1 (LAN) port, and GE 0 (WAN) of the UR72 is connected to
Internet via wired network. Configure WAN failover in the router so that it can failover to cellular to get
Internet access in case of the malfunction of wired network and failback to wired network when it’s
available again. Please refer to the topological graph below.
144
UR72 User Guide
Configuration Steps
1. Go to “Network > Interface > WAN” and configure wired WAN connection as below.
When configuration is done, click “Save & Apply” button.
Then confirm if it is able to visit Internet on PC through the UR72.
2.
Go to “Network > Interface > Cellular”, enable cellular settings and click “Save” button.
145
UR72 User Guide
3.
Go to “Network > Link Failover > SLA” and configure SLA probe. The default probe type is ICMP. The
destination address is the host address which can be probed by ICMP in public network or private
network. Other parameters can be kept as default value.
4.
Go to “Network > Link Failover > Track” for Track parameters configuration. You can use the default
146
UR72 User Guide
Track settings.
5.
Go to “Network > Link Failover > WAN Failover” and select “GE0” as main interface, “cellular0” as
backup interface. Other parameters can be kept as default value.
After all configurations are done, click “Apply” button.
6.
Login the router via SSH, and use command “show ip route” to check the route table. And you will
see the router access to the network via GE0 interface (wired network).
7.
Check how WAN failover functions.
(1) Unplug the Ethernet cable from GE 0 port of the router. Check the route table, and you will see the
router access to the network via cellular0 interface (SIM).
147
UR72 User Guide
(2) Plug the Ethernet cable to GE 0 port again. Check the route table, and you will see the router access
to the network via GE0 interface (wired network) again.
Related Topics
WAN Setting
Cellular Setting
Track Setting
SLA Setting
WAN Failover Setting
5.14 Wi-Fi Application Example (Only Applicable to Wi-Fi Version)
5.14.1 AP Mode
Application Example
Configure UR72 as AP to allow connection from users or devices.
Configuration Steps
1. Go to “Network > Interface > WLAN” to configure wireless parameters as below.
148
UR72 User Guide
The IP address must be in different network segment from the LAN IP address.
Click “Save” and “Apply” button after all configurations are done.
2.
Use a smart phone to connect by SSID “Wi-Fi Test”. Go to “Status > WLAN”, and you can check the AP
settings and information of the connected client/user.
5.14.2 Client Mode
Application Example
Configure UR72 as Wi-Fi client to connect to an access point to have Internet access.
149
UR72 User Guide
Configuration Steps
1.
Go to “Network > Interface > WLAN” to configure wireless as below.
Click “Save” and “Apply” button after all configurations are done.
2.
Go to “Status > WLAN”, and you can check the wireless settings, connection status and the
information of the access point.
Related Topic
WLAN Setting
WLAN Status
150
UR72 User Guide
5.15 VRRP Application Example
Application Example
A Web server requires Internet access through the UR72 router. To avoid data loss caused by router
breakdown, two UR72 routers can be deployed as VRRP backup group, so as to improve network
reliability.
VRRP group:
GE 0 ports of the UR72 Router A and Router B are connected to the Internet via wired network. And GE 1
ports of them are connected to a switch.
Virtual IP is 192.168.1.254/24.
UR72
Router
Virtual Router ID
(Same for A and B)
Port connected LAN
with switch
IP Address
Priority
Preemption
Mode
A
1
GE 1
192.168.1.1
110
Enable
B
1
GE 1
192.168.1.2
100
Disable
Refer to the topological below.
Configuration Steps
Router A Configuration
1. Go to “Network > Interface > WAN” and configure wired WAN connection as below.
151
UR72 User Guide
2.
Go to “Network > Link Failover > SLA” and configure SLA probe. The default probe type is ICMP. The
destination address is the host address which can be probed by ICMP in public network or private
network. Other parameters can be kept as default value.
3.
Go to “Network > Link Failover > Track” and configure link track parameters. You can use the default
Track settings.
152
UR72 User Guide
4.
Go to “Network > Link Failover > VRRP” and configure VRRP parameters as below.
Router B Configuration
1. Go to “Network > Interface > WAN” and configure wired WAN connection as below.
153
UR72 User Guide
2.
Go to “Network > Link Failover > SLA” and configure SLA probe. The default probe type is ICMP. The
destination address is the host address which can be probed by ICMP in public network or private
network. Other parameters can be kept as default value.
3.
Go to “Network > Link Failover > Track” and configure link track parameters. You can use the default
Track settings.
154
UR72 User Guide
4.
Go to “Network > Link Failover > VRRP” and configure VRRP parameters as below.
Once you complete all configurations, click “Apply” button on the top-right corner to make changes take
effect.
Result: normally, A is the master router, used as the default gateway. When the power of Router A is
down or Router A suffers from failure, Router B will become the master router, used as the default
gateway. With Preemption Mode enabled, Router A will be master and Router B will demote back to be
the backup once Router A can access the Internet again.
155
UR72 User Guide
Related Topics
VRRP Setting
Track Setting
SLA Setting
5.16 Static Routing Application Example
Static routing can build up the communication between 2 different private networks.
Application Example
The UR72 Router A and the UR72 Router B are connected with GE 0 (WAN) port as shown in the following
topological graph.
Add static routing in A and B to make PC1 and PC2 communicate with each other.
Configuration Steps
Configure the Router A
1. Go to “Network > Routing > Static Routing”.
2. Click “ ” to set a new static routing parameters as below. Track ID can be null.
Click “Save” and “Apply” button.
156
UR72 User Guide
Configure the Router B
Repeat the above configuration steps on the Router B and configure the routing parameters as below.
Click “Save” and “Apply” button.
Related Topic
Static Routing
5.17 Dynamic Routing Application Example
Example
The UR72 Router A and the UR72 Router B are connected with GE 0 (WAN) port. Refer to the below
topological graph.
Add dynamic routing in Router A and Router B to establish communication between PC1 and PC2.
Configuration Steps
Router A Configuration
1. Go to “Network > Interface > WAN” and configure WAN parameters.
157
UR72 User Guide
2.
Go to “Network > Interface > LAN” and configure LAN parameters.
3.
Go to “Network > Routing > RIP” and configure dynamic routing parameters.
Click “Save” and “Apply” button.
Router B Configuration
1.
Go to “Network > Interface > WAN” and configure WAN parameters.
158
UR72 User Guide
2.
Go to “Network > Interface > LAN” and configure LAN parameters.
3.
Go to “Network > Routing > RIP” and configure dynamic routing parameters.
159
UR72 User Guide
Click “Save” and “Apply” button.
Once you complete all configurations, PC1 and PC2 can communicate with each other.
Related Topic
RIP Setting
5.18 NAT Application Example
Example
An UR72 router can access Internet via cellular. GE 1 port is connected with a Web server whose IP
address is 192.168.1.2 and port is 8000. Configure the router to make public network access the server.
Configuration Steps
Go to “Firewall > Port Mapping” and configure port mapping parameters.
Click “Save” and “Apply” button.
Related Topic
Port Mapping
5.19 Access Control Application Example
Application Example
GE 1 port of the UR72 is set as LAN with IP 192.168.1.0/24. Then configure the router to deny accessing to
Google IP 198.98.108.64 from local device with IP 192.168.1.12.
160
UR72 User Guide
Configuration Steps
1. Go to “Network > Firewall > ACL” to configure access control list. Click “
” button to set parameters
as below. Then click “Save” button.
2.
Configure interface list. Then click “Save” and “Apply” button.
Related Topic
ACL
5.20 QoS Application Example
Example
161
UR72 User Guide
Configure the UR72 router to distribute local preference to different FTP download channels. The total
download bandwidth is 75000 kbps.
Note: the “Total Download Bandwidth” should be less than the real maximum bandwidth of WAN or
cellular interface.
FTP Server IP & Port
110.21.24.98:21
110.32.91.44:21
Percent
40%
60%
Max Bandwidth(kbps)
30000
45000
Min Bandwidth(kbps)
25000
40000
Configuration Steps
1. Go to “Network > QoS > QoS(Download)” to enable QoS and set the total download bandwidth.
2.
Please find “Service Classes” option, and click “
” to set up service classes.
Note: the percents must add up to 100%.
3.
Please find “Classification Rules” option, and click “
” to set up rules.
Click “Save” and “Apply” button.
Note: IP/Port: null refers to any IP address/port.
Related Topic
QoS Setting
5.21 DTU Application Example
Example
PLC is connected with the UR72 via RS232. Then enable DTU function of the UR72 to make a remote TCP
server communicate with PLC. Refer to the following topological graph.
162
UR72 User Guide
Serial Parameters of the PLC
Baud Rate
9600
Data Bit
8
Stop Bit
1
Parity
None
Configuration Steps
1.
Go to “Industrial > Serial Port > Serial 1” and configure serial port parameters. The serial port
parameter shall be kept in consistency with those of PLC, as shown in figure below.
2.
Configure Serial Mode as “DTU Mode”. The UR72 is connected as client in “Transparent” protocol.
163
UR72 User Guide
3.
Configure TCP server IP and port.
4.
Once you complete all configurations, click “Save” and “Apply” button.
5.
Start TCP server on PC.
Take “Netassist” test software as example. Make sure port mapping is already done.
164
UR72 User Guide
6.
Connect the UR72 to PC via RS232 for PLC simulation. Then start “sscom” software on the PC to test
communication through serial port.
7.
After connection is established between the UR72 and the TCP server, you can send data between
sscom and netassit.
PC side
165
UR72 User Guide
TCP server side
8.
After serial communication test is done, you can connect PLC to RS232 port of the UR72 for test.
Related Topic
Serial Port
5.22 PPTP Application Example
Example
Configure the UR72 as PPTP client to connect to a PPTP server in order to have data transferred securely.
Refer to the following topological graph.
Configuration Steps
1. Go to “Network > VPN > PPTP”, configure PPTP server IP address, username and password provided
by PPTP server.
Note: If you want to have all data transferred through VPN tunnel, check “Global Traffic Forwarding”
option.
166
UR72 User Guide
If you want to access peer subnet such as 192.168.3.0/24, you need to configure the subnet and mask to
add the route.
2.
Check “Show Advanced” option, and you will see the advanced settings.
167
UR72 User Guide
If the PPTP server requires MPPE encryption, then you need to check “Enable MPPE” option.
If the PPTP server assigns fixed tunnel IP to the client, then you can fill in the local tunnel IP and remote
tunnel IP, shown as below.
Otherwise PPTP server will assign tunnel IP randomly.
Click “Save” button when you complete all settings, and then the advanced settings will be hidden again.
Then click “Apply” button to have the configurations take effect.
3.
Go to “Status > VPN” and check PPTP connection status.
PPTP is established as shown below.
Local IP: the client tunnel IP.
Remote IP: the server tunnel IP.
Related Topics
PPTP Setting
PPTP Status
[END]
168
Download PDF
Similar pages