Maxon MA-2025, MA-2025-4G Unimax Ethernet Modem Router User Manual
The Unimax Ethernet Modem Router MA-2025 and MA-2025-4G are devices that allow you to connect your LAN to a wireless WAN using cellular networks (3G or 4G). They are compatible with a wide range of industrial applications and offer a variety of features, including L2TP/IPsec VPN, DHCP server, and digital I/O control. They can be configured through their web interface which allows you to manage and monitor the network.
advertisement
Assistant Bot
Need help? Our chatbot has already read the manual and is ready to assist you. Feel free to ask any questions about the device, but providing details will make the conversation more productive.
Version 2.2
TABLE OF CONTENTS
CONTACT INFORMATION ............................................................................ 7
RF EXPOSURE COMPLIANCE ........................................................................ 8
UNIMAX+ USER MANUAL .......................................................................... 11
INTRODUCTION ............................................................................. 12
Overview.................................................................................. 12
MA-2025-4G Feature set .......................................................... 12
MA-2025 Feature set ................................................................ 12
HARDWARE ................................................................................... 14
Front Panel .............................................................................. 14
Side Panel (Left) ...................................................................... 15
Side Panel (Right) .................................................................... 15
Back Panel ............................................................................... 15
SPECIFICATIONS ........................................................................... 16
Mechanical ............................................................................... 16
Environmental ......................................................................... 16
Electrical .................................................................................. 16
Hardware ................................................................................. 16
PROTOCOLS & ENCRYPTIONS ........................................................ 17
PPP (Point-to-Point Protocol) .................................................. 17
PPPoE (Point-to-Point Protocol over Ethernet) ........................ 17
DHCP (Dynamic Host Configuration Protocol) .......................... 18
NAT (Network Address Translation or Translator) ................... 18
SNMP (Simple Network Management Protocol) ....................... 19
SNTP (Simple Network Time Protocol) ..................................... 19
ICMP (Internet Control Message Protocol) .............................. 20
NAT-T ....................................................................................... 20
IKE ........................................................................................... 21
4.9.1 3DES ...................................................................................... 21
4.9.3 MD5 ....................................................................................... 21
4.9.4 SHA ....................................................................................... 21
ISAKMP .................................................................................... 21
ESP .......................................................................................... 22
4
WEB INTERFACE ............................................................................ 23
Configuration Page Descriptions .............................................. 24
Status ................................................................................... 24
LAN ...................................................................................... 26
WAN ..................................................................................... 27
maXconnect .......................................................................... 30
Password ............................................................................... 30
Log Out ................................................................................. 31
Configuration Page Descriptions – Advanced ........................... 32
Dynamic DNS ......................................................................... 32
DoS Filters .............................................................................. 32
DMZ ..................................................................................... 32
Port Forwarding ...................................................................... 34
IP Filtering .............................................................................. 35
MAC Filtering .......................................................................... 36
VPN ...................................................................................... 37
Digital I/O Control ................................................................... 37
Ping Tool ............................................................................... 39
SNMP .................................................................................... 40
Static Route ........................................................................... 41
Configuration Page Descriptions – Administrator .................... 41
AT ........................................................................................ 41
Backup (Save/Reload) ............................................................. 42
Time Zone .............................................................................. 44
System .................................................................................. 45
Upgrade Firmware .................................................................. 46
Save & Reboot ....................................................................... 47
OPERATION ................................................................................... 48
Modem Router Mode ................................................................ 48
Setting Host PC’s Network Environment ........................................ 48
Bridge Mode (Not compatible to 4G Unimax+) ......................... 50
H/W Specifications .............................................................................. 55
Electrical Specifications ....................................................................... 55
5
Commands ....................................................................................... 56
WAN Connection – Signal Level ................................................................ 60
Setting up an SNMP Agent ........................................................................ 60
Example Environment .......................................................................... 60
Unimax+ Configuration ...................................................................... 60
PowerSNMP Free Manager Configuration ................................................ 61
Setting up a Unimax+ as a VPN Gateway or a VPN Client ......................... 63
VPN Gateway .................................................................................... 63
VPN Client (L2TP over IPSec) ................................................................. 64
VPN Client (IPSec) .............................................................................. 66
Connecting to a HUB .......................................................................... 68
Setting DMZ Host .............................................................................. 71
Hardware Issues ................................................................................. 72
6
C O N T A C T I N F O R M A T I O N
In keeping with Maxon's dedicated customer support policy, we encourage you to contact us.
TECHNICAL:
Hours of Operation: Monday to Friday 8.30am to 5.30pm*
Telephone: +61 2 8707 3000
Facsimile: +61 2 8707 3001
Email: [email protected]
* Public holidays excluded
SALES:
Hours of Operation: Monday to Friday 8.30am to 5.30pm*
Telephone: +61 2 8707 3000
Facsimile: + 61 2 8707 3001
Email: [email protected]
* Public holidays excluded
WEBSITE: www.maxon.com.au
ADDRESS:
Maxon Australia Pty Ltd
36a Gibson Avenue, Padstow
Sydney, NSW, Australia 2211
POSTAL ADDRESS
Maxon Australia Pty Ltd
Po Box 1, Revesby North,
Sydney, NSW Australia 2212
7
R F E X P O S U R E C O M P L I A N C E
The use of this device in any other type of host configuration may not comply with the
RF exposure requirements and should be avoided. During operation, a 20 cm separation distance should be maintained between the antenna, whether extended or retracted, and the user’s/bystander’s body (excluding hands, wrists, feet, and ankles) to ensure RF exposure compliance.
Caution
Change or modification without the express consent of Maxon Australia Pty Ltd voids the user’s authority to use the equipment. These limits are designed to provide reasonable protection against harmful interference in an appropriate installation. The modem is a transmitting device with similar output power to a mobile phone. This equipment generates, uses, and can radiate radio frequency energy and, if not used in accordance with instructions, can cause harmful radiation to radio communication.
The modem is approved for use with the antenna: ANT-FME. Unauthorized antennas, modifications, or attachments could impair call quality, damage the device, or result in violation of RF exposure regulations.
In addition, there is no guarantee that interference will not occur in a particular installation. If the equipment does cause harmful interference in radio and television reception, which can be determined by turning the equipment on and off, the user is encouraged to try to correct the interference by one or more of the following measures:
Re-orient or relocate the receiving radio or TV antenna
Increase the separation distance between the equipment and the receiver
Contact Maxon Australia Technical Support for assistance.
Notes
The user is cautioned that changes or modifications not expressly approved by Maxon
Australia could void the warranty.
8
Potentially Unsafe Areas
Posted Facilities: Turn off this device in any facility or area when posted notices require you to do so.
Blasting Areas: Turn off your device where blasting is in progress. Observe restrictions and follow any regulations or rules.
Potentially Explosive Atmospheres: Turn off your device when you are in any area with a potentially explosive atmosphere. Obey all signs and instructions. Sparks in such areas could cause an explosion or fire, resulting in bodily injury or death.
Areas with a potentially explosive atmosphere are often but not always clearly marked.
They include:
Fuelling areas such as gas or petrol stations
Below deck on boats
Transfer or storage facilities for fuel or chemicals
Vehicles using liquified petroleum gas, such as propane or butane
Areas when the air contains chemicals or particles such as grain, dust or metal powders
Avoid using the modem in areas that emit electromagnetic waves or enclosed metallic structures, e.g. lifts
Any other area where you would normally be advised to turn off your engine
9
R E V I S I O N H I S T O R Y
Product
Model
Document Type
Current Version Number
Status of the Document
Revision Date
Total Number of Pages
Revision History
Date
April 2014
May 2014
July 2014
June 2015
September 2015
Level
1.0
1.1
1.2
1.3
1.4
1.5
1.7
1.8
UNIMAX+ Industrial Ethernet Router
MA-2025, MA-2025-4G
1.8
Public Release
September 2015
71
History
Internal Release Version
Public Release
Maxon Australia, LEDs operation
Internal Release with 4G
Added Invalid PPP password characters
4G Release
Minor changes included
Added feature like G2G VPN, AT over IP, Data limitation etc.
10
This document is the sole and exclusive property of Maxon
Australia. Not to be distributed or divulged without prior written agreement
.
36A Gibson Ave
Padstow NSW 2211
Australia
URL: www.maxon.com.au
U N I M A X + U S E R M A N U A L
All data and information contained in or disclosed by this document are confidential and proprietary information of Maxon Australia, and all rights therein are expressly reserved. By accepting this material, the recipient agrees that this material and the information contained therein are held in confidence and in trust and will not be used, copied, reproduced in whole or in part, nor its contents revealed in any manner to others without the express written permission of Maxon Australia. This information provided in this document is provided on an “as is” basis.
In no event will Maxon Australia be liable for any damages arising directly or indirectly from any use of information contained in this document. Information in this document is preliminary and subjected to change without any notice.
Disclaimers
Life support – This product is not designed for use in life support appliances or systems where malfunction of these products can reasonably be expected to result in personal injury.
Maxon Australia customers using or selling these products for use in such applications do so at their own risk and agree to fully indemnify Maxon Australia for any damages resulting from such application.
Right to make change - Maxon Australia reserves the right to make changes, without notice, in the products, including circuits and software, described or contained herein in order to improve design and/or performance.
11
This document is the sole and exclusive property of Maxon
Australia. Not to be distributed or divulged without prior written agreement
.
36A Gibson Ave
Padstow NSW 2211
Australia
URL: www.maxon.com.au
1 . I N T R O D U C T I O N
1.1 Overview
The Unimax+ Ethernet Router performs data communication functions between wired-
LAN (Local Area Network) and wireless WAN (Wide Area Network) using LTE cellular
(Unimax+ 4G) and HSPA cellular stations wirelessly (Unimax+ 3G). The Unimax+ has a wide input voltage range from 9~30 [VDC] which provides compatibility for platforms utilising various industrial applications.
1.2 MA-2025-4G Feature set
LTE Wireless Module
MC7304
PCI (100 Mbps downlink, 50 Mbps uplink)
Frequency Bands – LTE 2100/1800/2600/900/ 800 MHz
Carrier Support in Australia- Telstra (4G 1800 MHz/3G 850MHz and GSM 900/1800
MHz, Optus (4G 1800 MHz/ 3G 900/2100 MHz and GSM 900/1800MHz), Vodafone
(4G 1800MHz, 3G 2100Mz and GSM 900/1800 MHz)
10/100Mbps Ethernet Port, Supports 10/100MHz Auto-Sensing
32-bit RISC Network System on Chip
System clock 175MHz (CPU) and 88MHz (BUS)
3-Status LEDs indicator for device status
External Antenna (FME Male)
Periodic Reset
Diagnostic Port
Digital Inputs (Support 5V)
Digital Outputs (Support 3.3V)
L2TP/IPsec VPN
Wide Range input Voltage range from 9 to 30[VDC]
1.3 MA-2025 Feature set
HSPA Wireless Module MC8705 PCI (21.1 Mbps downlink, 5.76 Mbps uplink)
Frequency Bands - WCDMA 850/900/1900/2100 MHz
10/100Mbps Ethernet Port, Supports 10/100MHz Auto-Sensing
32-bit RISC Network System on Chip
System clock 175MHz (CPU) and 88MHz (BUS)
3-Status LEDs indicator for device status
External Antenna (FME Male)
12
Periodic Reset
Diagnostic Port
Digital Inputs (5V tolerable)
Digital Outputs (Supports up to 24V, 30mA with external I/O Board)
L2TP/IPsec VPN
Wide Range input Voltage range from 9 to 30[VDC]
NOR
Flash
(8MB)
USB 2. 0
SIM
Socket
Mem ory
BUS
SDRAM
(32MB)
Push S/ W
(Factory reset)
Ethernet
Port
&
Debug
GPIO
WAN
CPU
GPIO
UART
USB2. 0
Switcher
Debug
Port
(14 Pin)
Mini PCI
Express
&
70pin
Connector
Status
LED
(2Ea)
JTAG
Cable
GPIO
EJTAG
Interrupt
GPIO
Digital Input
Module
(Support 5V)
Digital Output Module
(Changed Ext signal?)
Ext Connector
(Molex 5268)
MODEM
Status
LED
(1Ea)
[Figure 1: System Block diagram]
13
2 . H A R D W A R E
2.1 Front Panel
[Figure 1:MA-2025] [Figure 1:MA-2025] [Figure 2:MA-2025-4G]
LED DISPLAY
5 seconds ON, 0.2 seconds OFF
DESCRIPTION
Searching for a service
Wireless Signal
Send/Receive
Data
POWER
[Table 1: LED Display]
0.4 seconds ON, 0.1 seconds OFF
0.4 seconds ON, 0.1 seconds OFF
Solid ON
500ms ON and 500ms OFF
OFF
ON
OFF
When connected
When connected and transferring data
Indicates connection mode with no data communication
Indicates connection mode with data communication
Indicates Unimax+ is not connected to Internet
Indicates main power is ON
Indicates main power is OFF
14
2.2 Side Panel (Left)
1. Ethernet Port
2. Diagnostic Port (for debugging)
3. Digital I/O (Input: max 5VDC, Output: max 3.3VDC)
PIN NUMBER
1 (VDD)
2 (D/I 1)
3 (D/I 2)
4 (D/O 1)
5 (D/O 2)
6 (GND)
[Table 2: Digital I/O PIN Number]
DESCRIPTION
3.3V out
Digital input (max 5VDC)
Digital input (max 5VDC)
Digital output (max 3.3VDC)
Digital output (max 3.3VDC)
GND
4. Reset (Factory Reset)
5. Power (9 – 30VDC)
2.3 Side Panel (Right)
3G/4G FME Male Antenna Connector
2.4 Back Panel
SIM Connector
15
3 . S P E C I F I C A T I O N S
3.1 Mechanical
Dimension
Weight
Housing Material
75.7 x 122.0 x 20.6 mm (with side bracket)
128g Approx.
Aluminum
[Table 3: Mechanical Specifications]
3.2 Environmental
Operating Temp - 10 ~ + 65 [°C]
Extreme Operating Temp - 20 ~ + 70 [°C]
Storage Temp
Humidity
- 40 ~ + 90 [°C]
5% ~ 95%
[Table 4: Environmental Specifications]
3.3 Electrical
DC Input Voltage
Maximum Current
Internal Voltage
Operating Current
Standby
PKT Data Connection
[Table 5: Electrical Specifications]
+ 9 ~ +30 [VDC]
Under 1000 [mA] @ 12[VDC]
+1.8, +2.5 +3.3, + 3.8, + 5 [VDC]
Under 150 [mA] @ 12 [VDC]
Under 180 [mA] @ 12 [VDC]
3.4 Hardware
ITEM
Product
User MCU
Program Memory
DESCRIPTION
UNIMAX+ (3G & 4G) Industrial Ethernet
Router
32-bit Network Processor
8M Bytes (Flash)
Data Memory 32M Bytes (SDRAM)
Wireless Interface 4G model LTE Module
LTE Mini PCI Express Module
MC7304PCI
Wireless Interface 3G model HSPA WCDMA Module
HSPA Mini PCI Express Module MC8705
PCI
15-Pin Diagnostic Port
Ethernet
1 Test Port
1 Port 10/100Mbps Ethernet (only Full
Duplex)
Digital I/O Port
Display
R-UIM
2 Digital Inputs, 2 Digital Outputs
3 Status LED’s
Support
[Table 6: Hardware Specifications]
16
4 . P R O T O C O L S & E N C R Y P T I O N S
4.1 PPP (Point-to-Point Protocol)
PPP (Point-to-Point Protocol) is a protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server. For example, your Internet service provider may provide you with a PPP connection so that the provider's server can respond to your requests, pass them on to the Internet, and forward the requested Internet responses back to you. PPP uses the
Internet protocol (IP) and is designed to handle others. It is sometimes considered a member of the TCP/IP suite of protocols. Relative to the Open Systems Interconnection
(OSI) reference model, PPP provides layer 2 (data-link layer) services. Essentially, it packages your computer's TCP/IP packets and forwards them to the server where they can actually be put on the Internet.
PPP is a full-duplex protocol that can be used on various physical media, including twisted pair or fiber optic lines or satellite transmission. It uses a variation of High Speed
Data Link Control (HDLC) for packet encapsulation.
4.2 PPPoE (Point-to-Point Protocol over Ethernet)
PPPoE (Point-to-Point Protocol over Ethernet) is a specification for connecting multiple computer users on an Ethernet local area network to a remote site via a modem. PPPoE can be used to have an office or building-full of users share a common Digital
Subscriber Line (DSL), cable modem, or wireless connection to the Internet. PPPoE combines the Point-to-Point Protocol (PPP), commonly used in dialup connections, with the Ethernet protocol, which supports multiple users in a local area network. The PPP protocol information is encapsulated within an Ethernet frame.
PPPoE has the advantage that neither the telephone company nor the Internet service provider (ISP) needs to provide any special support. Unlike dialup connections, DSL and cable modem connections are "always on." Since a number of different users are sharing the same physical connection to the remote service provider, a way is needed to keep track of which user traffic should go to and which user should be billed. PPPoE provides for each user-remote site session to learn each other's network addresses
(during an initial exchange called "discovery"). Once a session is established between an individual user and the remote site (for example, an Internet service provider), the session can be monitored for billing purposes.
17
4.3 DHCP (Dynamic Host Configuration Protocol)
DHCP (Dynamic Host Configuration Protocol) is a communication protocol that lets network administrators centrally manage and automate the assignment of Internet
Protocol (IP) addresses in an organization's network. Using the Internet Protocol, each machine that connects to the Internet needs a unique IP address, which is assigned when an Internet connection is created for a specific computer. Without DHCP, the IP address must be entered manually at each computer in an organization and a new IP address must be entered each time a computer moves to a new location on the network. DHCP lets a network administrator supervise and distribute IP addresses from a central point and automatically sends a new IP address when a computer is plugged into a different place in the network.
DHCP uses the concept of a "lease" or amount of time that a given IP address will be valid for a computer. The lease time can vary depending on how long a user requires the Internet connection at a particular location. It's especially useful in education and other environments where users change frequently. Using very short leases, DHCP can dynamically reconfigure networks in which there are more computers than there are available IP addresses. The protocol also supports static addresses for computers that need a permanent IP address, such as Web servers.
4.4 NAT (Network Address Translation or Translator)
NAT (Network Address Translation or Network Address Translator) is the translation of an
Internet Protocol address (IP address) used within one network to a different IP address known within another network. One network is designated as the inside network and the other as the outside. Typically, a company maps its local inside network addresses to one or more global outside IP addresses and un-maps the global IP addresses on incoming packets back into local IP addresses. This helps ensure security since each outgoing or incoming request must go through a translation process that also offers the opportunity to qualify or authenticate the request or match it to a previous request. NAT also conserves on the number of global IP addresses that a company needs and it lets the company use a single IP address in its communication with the world.
NAT is included as part of a router and is often part of a corporate firewall. Network administrators create a NAT table that does the global-to-local and local-to-global IP address mapping. NAT can also be used in conjunction with policy routing. NAT can be statically defined or it can be set up to dynamically translate from and to a pool of IP addresses. NAT lets an administrator create tables that map:
18
A local IP address to one global IP address statically
A local IP address to any of a rotating pool of global IP addresses that a company may have
A local IP address plus a particular TCP port to a global IP address or one in a pool of them
A global IP address to any of a pool of local IP addresses on a round-robin basis
NAT is described in general terms in RFC 1631, which discusses NAT's relationship to
Classless Inter-domain Routing (CIDR) as a way to reduce the IP address depletion problem. NAT reduces the need for a large amount of publicly known IP addresses by creating a separation between publicly known and privately known IP addresses. CIDR aggregates publicly known IP addresses into blocks so that fewer IP addresses are wasted.
4.5 SNMP (Simple Network Management Protocol)
Simple Network Management Protocol (SNMP) is the protocol governing network management and the monitoring of network devices and their functions. It is not necessarily limited to TCP/IP networks.
4.6 SNTP (Simple Network Time Protocol)
Simple Network Time Protocol (SNTP) is a protocol that is used to synchronize computer clock times in a network of computers. In common with similar protocols, SNTP uses
Coordinated Universal Time (UTC) to synchronize computer clock times to a millisecond, and sometimes to a fraction of a millisecond.
Accurate time across a network is important for many reasons; even small fractions of a second can cause problems. For example, distributed procedures depend on coordinated times to ensure that proper sequences are followed. Security mechanisms depend on coordinated times across the network. File system updates carried out by a number of computers also depend on synchronized clock times. Air traffic control systems provide a graphic illustration of the need for coordinated times, since flight paths require very precise timing (imagine the situation if air traffic controller computer clock times were not synchronized).
UTC time is obtained using several different methods, including radio and satellite systems. Specialised receivers are available for high-level services such as the Global
Positioning System (GPS). However, it is not practical or cost-effective to equip every computer with one of these receivers. Instead, computers designated as primary time
19
servers are outfitted with the receivers and they use protocols such as SNTP to synchronize the clock times of networked computers. Degrees of separation from the
UTC source are defined as strata. A radio clock (which receives true time from a dedicated transmitter or satellite navigation system) is stratum-0; a computer that is directly linked to the radio clock is stratum-1; a computer that receives its time from astratum-1 computer is stratum-2, and so on.
The term SNTP applies to both the protocol and the client/server programs that run on computers. The programs are compiled by the user as an SNTP client, SNTP server, or both. In basic terms, the SNTP client initiates a time request exchange with the time server. As a result of this exchange, the client is able to calculate the link delay, its local offset, and adjust its local clock to match the clock at the server's computer. As a rule, six exchanges over a period of about five to 10 minutes are required to initially set the clock. Once synchronized, the client updates the clock about once every 10 minutes, usually requiring only a single message exchange. Redundant servers and varied network paths are used to ensure reliability and accuracy. In addition to client/server synchronization, SNTP also supports broadcast synchronization of peer computer clocks.
SNTP is designed to be highly fault-tolerant and scalable.
4.7 ICMP (Internet Control Message Protocol)
ICMP (Internet Control Message Protocol) is a message control and error-reporting protocol between a host server and a gateway to the Internet. ICMP uses Internet
Protocol - IP data-grams, but the messages are processed by the IP software and are not directly apparent to the application user.
4.8 NAT-T
NAT-T (NAT Traversal in the IKE) is a method of enabling IPSec-protected IP datagram’s to pass through a Network address translator (NAT). An IP packet is modified while passing through a network address translator device in a manner that is incompatible with Internet Protocol Security (IPSec). NAT-T protects the original IPSec encoded packet by encapsulating it with another layer of UDP and IP headers. The negotiation during the Internet key exchange (IKE) phase is defined in RFC 3947 and the UDP encapsulation itself is defined in RFC 3948. Most major networking vendors support NAT-
T for IKEv1 in their devices. In Microsoft Windows XP with Service Pack 2 the feature can be enabled.
20
4.9 IKE
Internet Key Exchange (IKE or IKEv2) is the protocol used to set up a security association
(SA) in the IPSec protocol suite. IKE uses a Diffie-Hellman key exchange to set up a shared session secret, from which cryptographic keys are derived. Public key techniques or, alternatively, a pre-shared key, are used to mutually authenticate the communicating parties.
4.9.1 3DES
The earliest standard that defines the algorithm (ANS X9.52, published in 1998) describes it as the "Triple Data Encryption Algorithm (TDEA)" — i.e. three operations of the Data Encryption Algorithm specified in ANSI X3.92 — and does not use the terms "Triple DES" or "DES".
4.9.2 AES
The Advanced Encryption Standard (AES) is an encryption standard adopted by the U.S. government. The standard comprises three block ciphers, AES-128, AES-192 and AES-256, adopted from a larger collection originally published as Rijndael. Each
AES cipher has a 128-bit block size, with key sizes of 128, 192 and 256 bits, respectively. The AES ciphers have been analyzed extensively and are now used worldwide.
4.9.3 MD5
MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value. As an Internet standard (RFC 1321), MD5 has been employed in a wide variety of security applications, and is also commonly used to check the integrity of files.
4.9.4 SHA
SHA stands for Secure Hash Algorithm. The three SHA algorithms are structured differently and are distinguished as SHA-0, SHA-1, and SHA-2. The SHA-2 family uses an identical algorithm with a variable digest size which is distinguished as SHA-224,
SHA-256, SHA-384, and SHA-512.
4.10 ISAKMP
ISAKMP defines the procedures for authenticating a communicating peer, creation and management of Security Associations, key generation techniques, and threat mitigation (e.g. denial of service and replay attacks). ISAKMP typically utilizes IKE for key exchange, although other methods can be implemented.
21
4.11 ESP
Encapsulating Security Payload (ESP) is a member of the IPSec protocol suite. In IPSec, it provides origin authenticity, integrity, and confidentiality protection of packets. ESP also supports encryption-only and authentication-only configurations, but using encryption without authentication is strongly discouraged because it is insecure. Unlike
Authentication Header (AH), ESP does not protect the IP packet header. However, in
Tunnel Mode, where the entire original IP packet is encapsulated with a new packet header added, ESP protection is afforded to the whole inner IP packet (including the inner header) while the outer header remains unprotected. ESP operates directly on top of IP, using IP protocol number 50.
22
5 . W E B I N T E R F A C E
Unimax+ can be configured through its web interface.
[Figure 2: Web-based configuration of Unimax+]
Power ON the Unimax+ Router and connect to a computer using an Ethernet cable. To launch the web interface of the Unimax+, open a web browser such as Internet Explorer for Windows and type the following IP address in the address bar:
[Figure 3: Web-based configuration page address]
Enter username and password in the pop-up window that prompts for login details. The
Username and password are both ‘admin’ by default. The default username and password can be changed on the Password Setup Page.
[Figure 4: Log-in window]
The Home page of the web interface of Unimax+ will come up with connection status and device information.
23
5.1 Configuration Page Descriptions
5.1.1 Status
Status page displays the current status of LAN, WAN and Network Information.
[Figure 5: Status Page]
ITEM
Up Time
DESCRIPTION
Operation time after power up
System Time System time acquired from modem
F/W Version Current firmware version of Unimax+ Router
Module Version
Current Firmware version of the cellular module inside
Unimax+ Router
WAN
(Current mode)
Current operation mode i.e. Modem Router or Bridge
WAN IP IP address assigned by ISP such as Telstra or Optus
24
Netmask
Network
Registration
Network
Subnet Mask assigned by ISP such as Telstra or Optus
Status of the module including registration
Network status of Unimax+ Router
PIN Status Status of PIN request (enable/disable)
Network Band Cellular Band Frequency Information of 3G or 4G network
Signal Level Status of current signal strength(dBm)
Send/Receive
Packets
Status of Incoming and Outgoing WAN data packets. This is for information purpose only and should not be used for billing purposes.
LAN
IP
Unimax+ IP address
Netmask Subnet Mask assigned by Unimax+ for LAN
MAC MAC address of Unimax+ LAN adaptor
Send/Receive
Packets
Status of Incoming and Outgoing LAN data packets
[Table 6: Status Page Information]
25
5.1.2 LAN
The LAN page allows configuring the IP address of Unimax+, DHCP range and viewing information of the clients connected on the Unimax+ LAN port.
[Figure 6: LAN Page]
ITEM
Unimax+
Gateway IP
IP Address
DESCRIPTION
Unimax+ can be configured with a Static IP or can be set to obtain an IP address from an external DHCP Server (Client Mode)
Configure Unimax+ IP address
Subnet Mask Configure the subnet mask
DHCP Enable or Disable DHCP server of Unimax+
DHCP Client
Range
Assign IP address range for DHCP Server of
Unimax+
[Table 8: LAN Page Information]
26
5.1.2 WAN
The WAN page allows configuring network authentication information, connection retrial and Scheduler timers.
[Figure 7: WAN Page]
27
ITEM DESCRIPTION
Mode
Profile
Modem Router Mode
Bridge Mode
(Note : Not compatible to 4G
Unimax+)
Select a predefined profile or create one using the custom option
Select APN Name provided by the ISP APN Name
Dialup
Data Limitation
Telephone number to dial
Data can limited to certain value. Once it is reached the WAN connection will stop. The phone numbers can be set under system page where modem will notify users via SMS when data limit is reached to 90% and 100%. It is recommended to put the data limit above 15
MB
User Name
Password
PPP Echo
Check
Username provided by the ISP
Password provided by the ISP
MTU Maximum Transmission Unit of Unimax+
Authentication Select Authentication scheme used by the ISP
LCP echo interval time can be set by the user.
This option checks the status of the PPP connection.
Auto PIN
Enable/Disable
PIN
Band
Selection
Ethernet Link
Back Off
PING Check
Unimax+ Router will automatically enter the PIN code if the PIN request on the USIM card is enabled. Please enter correct PIN code as incorrect PIN code will lock the SIM card.
This feature will allow users to disable or enable
SIM PIN from the Unimax+ Router
A particular band can be selected or left on
Auto using this option
This setting controls the WAN connection.
Disabling this will prevent Unimax+ establishing a
WAN connection if no client is connected on the LAN. Disconnecting client from LAN will also force Unimax+ to disconnect WAN connection with this setting disabled
Unimax+ will start a back off algorithm on power up as set by these times instead of constantly retrying PPP connection. Unimax+ will reset if PPP connection is not successful after 2 nd retrial timer has expired and start again.
1 st
Retrial when wireless network gets disconnected.
Interval: Retrial interval time (Second)
During time: Continuing time (Minute)
2 nd
Retrial after 1 st retrial is unsuccessful
Interval: Retrial interval time (Minute)
During time: Continuing time (Hour)
Ping check settings allow for pinging 2 designated servers on the WAN and LAN at set intervals. The Unimax+ Router will disconnect the WAN connection and perform a power reset once the ping fail count has expired for
28
Periodic Reset
Scheduler either or both WAN or LAN servers. If only WAN or only LAN ping checking is need, please leave the relevant server address blank but put valid values for Interval and Fail count (minimum 10s and 1, respectively).
Power Reset Unimax+ daily
Set from 1 to 24 hours
Unimax+ establishes WAN connection (Router
Mode) between the times specified above.
Disabling this function allows Unimax+ to be online at all times
[Table 9: WAN Page Information]
Invalid PPP password characters list:
“(double quotation mark)
‘(quotation mark)
?(question mark)
)(bracket)
@(at sign)
;(semi colon)
|(pipe sign)
I(upper case I)
29
5.1.3 maXconnect
The maXconnect Remote Management portal allows you to manage, control and monitor this device on the maXconnect portal. The settings below are used to configure the Unimax+ to communicate with the maXconnect Remote
Management portal. The maxconnect FTP server is need to perform FOTA via the portal. maXconnect is compatible with firmware later than 5.4.15.
5.1.4 Password
The Password page allows changing the authentication information required to access the Unimax+ web page. If new authentication details are applied, you will be prompted to re-enter those details as a confirmation.
ITEM DESCRIPTION
User name Input new login user name
Current
Password
Input the current login password
New Password Input new login password
Confirm
Password
Retype the new password
[Table 10: Password Page Information]
30
[Figure 8: Password Page]
5.1.5 Log Out
Log Out page provides a user with an option to close the web interface window.
[Figure 9: Log out Page]
31
5.2 Configuration Page Descriptions – Advanced
5.2.2 Dynamic DNS
The Dynamic DNS page allows users to configure Username, Password and Domain name to be used by Unimax+ when authenticating on the DDNS server. s
[Figure 10: Dynamic DNS Page]
ITEM DESCRIPTION
Enable DDNS
Service Provider
Check box to enable DDNS
Link of the DDNS service web page
(Server site is http://dyndns.com
) by default.
Unimax+ currently supports Dyndns.org service
Provider only. For Client key support compatibility firmware please contact Maxon support
Set DDNS host name or Alias from DDNS server Domain Name
User Name/Email Input User Name for logging onto a DDNS server
Password/Key
Input Password for logging onto a DDNS server
[Table 11: DDNS Page Information]
Note: If IP filtering is enable, DDNS doesn’t work
5.2.3 DoS Filters
This page allows the user to configure the Unimax to be blocked from DoS attack. Using the DoS filter features, TCP SYN packets, TCP/UDP New Connections and ICMP requested can be filtered to avoid DoS attacks. In order to use this feature, the user should upgrade their device with a firmware later then 5.4.23
5.2.4 DMZ
32
The DMZ page allows one IP address in a Demilitarized Zone which is exposed to the internet without sacrificing unauthorized access to the local private network.
[Figure 11: DMZ Page]
ITEM
Enable DMZ
DMZ Host IP
Address
DESCRIPTION
Check box to enable DMZ
IP Address of the target device. If DMZ is set, all traffic addressed to Unimax+ WAN IP is passed to the host with this IP address only. Web interface of the Unimax+ will not be accessible.
[Table 12: DMZ Page Information]
33
5.2.5 Port Forwarding
The Port forwarding page allows for setting up a firewall that will allow remote access for specific ports and protocols to designated hosts. When remote users send requests for accessing the local server, Unimax+ can forward those requests to the appropriate server(s).
ITEM
Enable Port
Forwarding
DESCRIPTION
Check box to enable Port Forwarding
Redirect IP Address: IP address of the target device on LAN
Port
Forwarding
Protocol: Select protocol TCP, UDP or both
Port Range: Range of port addresses for redirection
[Table 13: Port Forwarding Page Information]
[Figure 12: Port Forwarding Page]
34
5.2.6 IP Filtering
The IP filtering page provides simply a mechanism that decides which types of IP datagram’s should be processed or discarded.
ITEM
Enable IP
Filtering
IP
Filtering
DESCRIPTION
Check box to enable IP Filtering
IP Address
IP address of the target device
Protocol: Select protocol TCP, UDP or both
[Table 14: IP Filtering Page Information]
[Figure 13: IP Filtering Page]
35
5.2.7 MAC Filtering
The MAC Filtering page provides a security access control methodology whereby the 48-bit address assigned to each network card is used to determine whether the device is allowed or access to the internet.
ITEM
Enable MAC filtering
DESCRIPTION
Rule
MAC Address
Check the box to enable MAC Filtering
Select Access or Deny.
Access - Allows access to Unimax+ web page but denies internet access.
Deny – Denies access to Unimax+ web page and internet.
Input MAC address to determine deny or access to the internet.
[Table 15: MAC Filtering Page Information]
[Figure 14: MAC Filtering Page]
36
5.2.8 VPN
The VPN page allows configuring VPN Server/Client mode in the Unimax+. The
Unimax+ VPN supports only L2TP OVER IPSec protocol.
[Figure 15: VPN Page]
ITEM
Mode
DESCRIPTION
VPN Gateway (L2TP/IPSec):
Unimax+ acts as a VPN Server
VPN Client (L2TP/IPSec
VPN Client (IPSec)
VPN Client (PPTP):
VPN GtoG Host (IPsec)- Contact Maxon for firmware compatibility
Unimax+ connects to a remote VPN Server
[Table 16: VPN Page Information]
5.2.9 Digital I/O Control
The Digital I/O page allows the user to configure the messages to be sent via SMS when an Input changes state and which messages will be accepted to make an output change state.
37
[Figure 16: Digital I/O Control Page]
38
ITEM
Activate
Trigger Time
Reporting
Number
Message
INPUT
Message
OUTPUT
DESCRIPTION
To enable or disable this function
Trigger time when input status changes from low to high or from high to low
Enter mobile numbers for sending SMS in international format. e.g. (+614….) If no numbers are changed here the outputs will not change on SMS
This message will be sent via SMS to designated phone numbers when an input changes state
This is the message that will switch the outputs on when received only from the designated phone numbers. The Unimax+ will ignore the message received from different phone numbers than the designated on this page.
[Table 17: Digital I/O Control Page Information]
Note: At this stage changing output from maXconnect is not compatible
5.2.10 Ping Tool
The Ping Tool page is used to send ICMP requests to a particular IP Address/Host
Name.
ITEM
IP Address
/Host Name
[Table 18: Ping Tool Page Information]
DESCRIPTION
Input destination IP address or host name to be pinged.
[Figure 17: Ping Tool Page]
39
5.2.11 SNMP
The SNMP page is used to configure SNMP agent. If this option is enabled then a remote SNMP manager can connect to the SNMP agent and acquires network information. The Unimax+ supports SNMPV2. Please contact Maxon for the most up to date MIB.
ITEM DESCRIPTION
Activate To enable or disable the function
System Name SNMP agents system name
System
Contact
SNMP agents contact email address
Write
Community
Name
Read
Community
Name
Public: Write Community string
Private: Write Community string disabled
Public: Read Community string
1
2
3 st nd rd
Trap Server
IP
Trap Server
IP
Trap Server
IP
Private: Read Community string disabled
IP address of the 1 st
trap server. Unimax+ will report trap message to this IP address.
IP address of the 2 nd
trap server. Unimax+ will report trap message to this IP address.
IP address of the 3 rd
trap server. Unimax+ will report trap message to this IP address.
[Table 19: SNMP Page Information]
[
Figure 18: SNMP Page]
40
5.2.12 Static Route
This feature allows the user to configure static routes in the modem via the LAN,
WAN and VPN interfaces. Using this feature the user can communicate in both directions once a VPN is established.
5.3 Configuration Page Descriptions – Administrator
5.3.3 AT
The AT page allows for sending commands to the Unimax+ module.
[Figure 21: AT Commands Page]
41
ITEM DESCRIPTION
AT Command Input AT command and click Send
[Table 22: AT Commands Page Information]
5.3.4 Backup (Save/Reload)
The Backup page allows users to save the current settings to a file or load settings from a saved file. Also, you can reset the current configurations to factory defaults.
ITEM
Save Settings to
File
Load Settings from File
Restore to
Factory Default
DESCRIPTION
Allows the user to save all the current configurations to a file
Allows the user to restore configurations from a saved file
Allows setting the Unimax+ configurations to factory default
Table 24: Backup Page Information]
Figur e
23:
Bac kup
Pag e]
.35
Syst em
Logs
The System page allows for viewing the system logs plus enabling the remote syslog function and the IP address of the remote syslog server.
5
42
ITEM DESCRIPTION
Enable Logs Check the box to enable Syslogs
Enable Remote
Syslog
Log Server IP address
Check the box to enable Remote Syslog function
Enter the IP address of remote server
Refresh / Clear
Refresh the system logs or Clear the system logs data
[Table 25: System Logs Page Information]
[Figure 24: System Logs Page]
43
5.3.5 Time Zone
Time Zone page allows you to maintain system time by synchronizing with a public time server over the internet. Maxon does not recommend enabling the NTP server
when using the scheduler function on WAN page, as the Unimax+ does not contain a real time clock. On the other hand (network time) will remain in the same time zone as the carrier.
[Figure 25: Time Zone Page]
ITEM
Enable NTP client update
NTP Server
DESCRIPTION
Check the box to enable NTP Client update
Time Zone
IP address of NTP server
Select the appropriate GMT(Green Mean Time) time zone
[Table 26: Time Zone Page Information]
44
5.3.6 System
The System page allows for the configuration of Administration and Remote
Management options.
[Figure 26: System Page]
45
ITEM
Web Access
Telnet Access
Drop HTTP Access on WAN
Unimax+ Admin
Login
NAT
AT Over IP
Phone Number
DESCRIPTION
Enable or Disable Web page access
Enable or Disable Telnet Server
Enabling this option will deny Web page access from the WAN side
Enabling this option will reset Unimax+ to factory default settings after 3 consecutive incorrect web page logins
Enable or Disable NAT
Enable or Disable AT Over IP. This will allow users to send SMS via port 12521 using AT command.
Remote SMS command doesn’t work if AT over
IP is connected.
Only the phone numbers entered here can query the modem via SMS. If the fields are left blank the Unimax+ will accept SMS messages from any phone number.
5.3.7 Upgrade Firmware
Upgrade Firmware page is used to upgrade the firmware of Unimax+. Please note that this option doesn’t upgrade the cellular module firmware. This process can take several minutes (when upgrading locally connected via LAN to the Unimax+) and the device should not be switched off during the upgrade process. If upgrading the firmware remotely, the process could take around 20 minutes depending on the speed of your connection. Please refrain from opening multiple Unimax+ web pages while upgrading the firmware. Please check with Maxon for information on firmware compatibility.
[Figure 27: Upgrade Firmware Page]
46
5.3.8 Save & Reboot
Save & Reboot page allows saving the current settings and restarting the Unimax+.
[Figure 28: Save and Reboot Page]
47
6 . O P E R A T I O N
The Unimax+ has two modes of operation:
Modem Router
Bridge ( Not compatible for 4G Unimax+)
User can select one or the other mode via the WAN page on the Web interface of the device.
6.1 Modem Router Mode
In Modem Router Mode, the Unimax+ acquires the IP from the ISP, keeps it and shares it with connected Host PC's via NAT. Unimax+ gets public/private IP (IP-2) from ISP via the cellular network whereas the host PC's get each private IPs (IP-1) from the DHCP server of the Unimax+. NAT converts network data between IP-1 and IP-2.
[Figure 29: Modem Router Mode]
6.1.1 Setting Host PC’s Network Environment
The Unimax+ is set to Modem Router Mode by default. To obtain an IP automatically from the DHCP Server of the Unimax+, please do the following:
For Windows XP, connect a PC to the Unimax+ via an Ethernet cable, then click “My
Network Places” and choose Properties.
48
[Figure 30: Setting Host PC]
Right click on “Local Area Connection” under Network Connections and select
Properties.
[Figure 31: Local Area Connection]
Double click on the “Internet Protocol [TCP/IP]” item.
[Figure 32: Internet Protocol TCP/IP]
Check “Obtain an IP address automatically” and then click the OK button.
49
[Figure 33: Obtain an IP address automatically]
The Host PC is now configured. Ensure that the U-SIM card has been inserted. Connect
Power and Ethernet cables to the Unimax+.
Under WAN page, select Modem Router as the operational mode, enter APN and
Authentication details. If there is any username/password information required, enter those details into the appropriate username/password fields and click on
Apply Changes. Click the Save and Reboot button under Save and Reboot page and then wait for Status page to reload.
Once the Unimax+ has established an internet connection, the Status page will update with a WAN IP address and the Send/Receive Data LED will blink.
6.2 Bridge Mode (Not compatible to 4G Unimax+)
In Bridge mode, the host PC acquires an IP from the ISP directly through the Unimax+.
The Unimax+ has a PPPoE Authenticator internally that communicates with PPPoE on client PC or other Router. The Unimax+ converts the protocols between PPP to PPPoE, the host PC processes all the network protocols (similar to dial-up).
[Figure 34: Bridge Mode]
Under the WAN page, select Bridge Mode as the operational mode and set the APN.
Click Apply Changes, and then click on Save and Reboot under the Save and Reboot page. Wait for the Status page to reload. When using the Unimax+ in Bridge mode, a
50
PPPoE connection should be created on the host PC as follows:
For Windows XP, right click on “My Network Places” icon and select Properties.
[Figure 35: Setting Host PC]
For establishing PPPoE connection, click on “Create a new connection”
[Figure 36: Create a new connection]
A New Connection Wizard will appear. Click on Next.
[Figure 37: New Connection Wizard]
Check the “Connect to the Internet” item and then click Next.
51
[Figure 38: Connect to the Internet]
Check the “Set up my connection manually” icon and then click Next.
[Figure 39: Set up my connection manually]
If your connection requires a username and password then check “Connect using a broadband connection that requires a user name and password” item, otherwise click “Connect using a broadband connection that is always on”. Click Next.
[Figure 40: Internet connection]
Write the name of the ISP and then click Next.
52
[Figure 41: ISP Name]
Enter user Username/Password and confirm password details provided by the ISP and then click Next.
[Figure 42: Username/Password details]
Check “Add a shortcut to this connection to my desktop” and click on Finish to close the wizard.
[Figure 43: Shortcut for the connection]
Click the PPPoE shortcut icon on the desktop and then click “Connect” on the
PPPoE dial connection screen.
53
[Figure 44: PPPoE connection screen]
Connecting to the internet
[Figure 45: Connecting Unimax+ on the internet]
Verifying username and password
[Figure 46: Verifying username and password]
Host PC acquires the WAN IP and PPPoE connection is successful..
[Figure 47: Registering PC on the network]
54
A P P E N D I X
Digital Input/output
A digital output opens or closes the circuit between two terminals depending on the binary state of the output. A digital input is a switch and a voltage sending device.
Depending on the switch's open/closed status, the Unimax+ detects a voltage or no voltage condition, which in turn generates a logical 0 or 1, ON or OFF, alarm or normal or similar a defined state.
H/W Specifications
PIN NUMBER
1 (VDD)
2 (D/I 1)
3 (D/I 2)
4 (D/O 1)
5 (D/O 2)
6 (GND)
DESCRIPTION
3.3V out
Digital input (max 5VDC)
Digital input (max 5VDC)
Digital output (max 3.3VDC)
Digital output (max 3.3VDC)
GND
[Table 28: Digital I/O PIN Number]
Electrical Specifications
Digital Outputs: Minimum 2.4 V Typical 3.3 V 16
㎃
Digital Inputs: From 0 to 5.0 V ±5
㎂
Diagram
[Figure 48: Output Circuit]
Please note that the external control circuit should support “Open Collector” outputs.
55
[Figure 49: Input Circuit]
Please note that no external circuit is required when using the inputs at 3.3 V.
Factory Default Function
Following are the two methods to set Unimax+ back to factory default:
Reset Button
Press the factory reset switch, located on the left end plate next to the power switch, and hold in for 0-3seconds. The modem will perform reboot
Press the Reset button for more than 10 sec. The modem will revert back to factory default setting.
Note: For Firmware 5.5.10 and below, press reset button more than 50 sec for factory reset until the Ethernet light goes off and come back again
Soft Reboot
On Backup (Save/Reload) Page under Administrator, click on Restore to
Factory Default button to set configurations to factory default.
SMS Commands
The following SMS commands can be used to change the APN, ID, Password,
Authentication and even reboot the Unimax+. After changing the APN, IPassword,
Authentication, Unimax+ will send a confirmation SMS after applying the change.
Commands
56
Change APN (e.g. telstra.extranet)
SMS Syntax: UNIMAX.PARK.APN telstra.extranet
Change Username, Password and Authentication (e.g. Username: [email protected]
, Password: maxon, Authentication: chap)
SMS Syntax: UNIMAX.PARK.AUTH [email protected]:maxon:chap
Check Settings and IP address
SMS Syntax: UNIMAX.PARK.WANIP
Reboot Unimax+
SMS Syntax: UNIMAX.PARK.REBOOT
Dynamic DNS
SMS Syntax for enabling dyndns.org : UNIMAX.PARK.DDNS1 1
SMS Syntax Disable dyndns.org : UNIMAX.PARK.DDNS1 0
ConCConfiguration Syntrax for DYNDNS: UNIMAX.PARK.DDNS2 domain name,username,password
Custom DYNDNS
1. SMS Syntax for enabling Custom : UNIMAX.PARK.DDNS1 3
57
2. Service Provider setting syntrax :
UNIMAX.PARK.DYNDNS1 3, Service
Provider
Configuration: UNIMAX.PARK.DDNS2 domain name,username,password
Note : Dyndns configuration remotely via SMS supported only on 5.4.19 or later firmwares.
Sending SMS via Telnet
Maxon Australia has developed the SMS over telnet functionality in the
Unimax+ Modem for ease of use, but we strongly suggest that customers perform in house testing prior to commissioning to avoid syntax errors.
The saved file is deleted automatically by the modem once it reaches 4
Kilobytes in size.
Requirements:
You must have a computer running Microsoft Windows (Vista and
Windows 7 require a third party Telnet program such as putty).
Ethernet port.
SIM card with SMS enabled.
Setup
Log into the Unimax+ Web page using the gateway IP address. Default is
192.168.0.1
58
Web page username and password is admin by default.
Enable Telnet into the web page of the Unimax+ router.
Telnet in to the Unimax+ Router.
Username and password for the telnet session is:
Username: admin
Password: admin
Send SMS without Disconnecting Internet Connection:
[admin@DHPLAB]# Echo “destination number in international format, Type message to be sent” > /var/tmp/cmdsndsms1 <Carriage return to send>
Read SMS
[admin@DHPLAB]# cd /var/tmp/
[admin@DHPLAB]# cat SMSRes
OK
59
Check file size:
[admin@DHPLAB]#ls -al SMSRes
-rw-rw--rw-- 1 root root 241 Dec 9 11:40
File size above is 241 bytes. Maximum size before the file is deleted is 4Kbytes
Delete file:
[admin@DHPLAB]#rm SMSRes
WAN Connection – Signal Level
The Unimax+ will drop WAN connection if the signal (CSQ) level drops below 4 or the response is 99. This is not dBm.
The Unimax+ will initiate WAN connection if the signal (CSQ) level is between 4 ~
31 dBm.
The Unimax+ will reset module if the modem fails to register after 10 minutes of power up. The cycle continues until modem registers.
The Unimax+ will reset the module if it can not communicate with the module
(via AT command) for 2 minutes.
Setting up an SNMP Agent
The Simple Network Management Protocol is a protocol designed to give a user the capability to remotely manage a computer network by polling and setting terminal values and monitoring network events.
Example Environment
PowerSNMP Free Manager
The Unimax+ directly connected to a laptop or a desktop through RJ45 connection
Unimax+ Configuration
Please apply the following configuration on the SNMP Page of Unimax+:
ITEM
Active Enable
System Name Unimax+ SNMP
DESCRIPTION
60
System
Contact
Write
Community
Name
Read
Community
Name
1 st
Trap Server
IP
2 nd
Trap Server
IP
3 rd
Trap Server
Private
Public
192.168.0.100
192.168.0.101
192.168.0.102
[Table 29: SNMP Setup]
PowerSNMP Free Manager Configuration
Run the PowerSNMP Agent
Click Yes on the prompt message to search for the SNMP Agent
[
Figure 53: SNMP Agent Message]
Once the PowerSNMP finds the Unimax+ as an SNMP Agent then add the
Unimax+ as an agent by enabling the check box.
[
Figure 54: Unimax+ as SNMP Agent]
PowerSNMP will run as follows after the Unimax+ has been added as a
SNMP Agent.
61
[
Figure 56: PowerSNMP Free Manager]
You can load the Unimax+ MIB file provided by Maxon in order to identify the old values.
62
Setting up a Unimax+ as a VPN Gateway or a VPN Client
VPN Gateway
[
Figure 56: VPN Gateway]
63
VPN Gateway Sample Configuration
PPP Authentication CHAP
User Name DemoVPN
Password ******
Assigned IP Address 192.168.0.240
NAT-T
Key Exchange IKE
Enabled
Encryption 3DES-MD5-1024
IPSec Authentication ESP
Encryption 3DES-HMACMD5
VPN Client (L2TP over IPSec)
[Figure 57: VPN Client (L2TP over IPSec)]
64
VPN Client (L2TP over IPSec) Sample Configuration
PPP Authentication CHAP
User Name DemoVPN
Password ******
NAT-T Enabled
IPSec Type
Key Exchange IKE
Tunnel
Encryption 3DES-MD5-1024
IPSec Authentication ESP
Encryption 3DES-HMACMD5
65
VPN Client (IPSec)
[Figure 58: VPN Client (IPSec)]
VPN Client (IPSec) Sample Configuration Only
NAT-T Enabled
IPSec Type
Key Exchange IKE
Tunnel
Encryption AES256-MD5-1024
IPSec Authentication ESP
Encryption AES256-HMACMD5
66
VPN Client (PPTP)
[
Figure 59: VPN Client (PPTP)]
VPN Client (PPTP) Sample Configuration
Authentication CHAP
User Name DemoVPN
Password ******
MPPE-128: Enable
67
VPN GtoG Host Sample Configuration
Note: This feature is not supported in firmware 5.5.10 or below. Please contact Maxon
Australia for compatibility firmware
Advanced Settings
User can connect the Unimax+ to other network devices as follows:
Connecting to a HUB
If a user wants to connect a Unimax+ to a HUB then the Unimax+ should be
68
configured in Modem Router Mode.
Port Forwarding
The port forwarding page allows for setting up a firewall that will allow remote access for specific ports and protocols to designated hosts. When remote users send requests for accessing the local server, Unimax+ can forward those requests to the appropriate server(s).
Web Server
192.168.0.52
UNIMAX
80 PORT TO 192.168.0.52
21 PORT TO 192.168.0.53
HUB
FTP Server
192.168.0.53
To set an IP address for Port Forwarding, click on the Port Forwarding page under Advanced. Check the Enable Port Forwarding box and place IP address along with Port and Protocol details.
[Figure 61: Port Forwarding Setup]
Note: If you forward port 80 to a web server/camera, you will not be able to access the
Unimax+ web page unless you change the Web Access port on the Unimax+ from 80 to
8080 (for example). It is recommended that this is done first.
69
[Figure 60: Port Forwarding]
[
Figure 61:System]
70
After changing the Web access port
Setting DMZ Host
The DMZ page sets one IP address in a Zone which is exposed to internet without sacrificing unauthorized access to the local private network.
[Figure 62: Unimax+ connected to a server and a PC via DMZ Host]
To set an IP address in the DMZ, click on the DMZ page under Advanced.
Check the Enable DMZ box and set the IP address of the DMZ host.
[Figure 63: Setting DMZ Host server]
71
Troubleshooting
If these solutions do not work then please contact Maxon customer support at [email protected]
or (02) 8707 3000
Hardware Issues
Power LED does not work.
Please check if the power adapter is OK.
Please check that power adapter supports between 9 ~ 30 [VDC].
Link LED on RJ45 port does not work.
Please check whether the Ethernet cable is inserted correctly or not. Also check the PC’s LAN card.
Please check whether the Ethernet cable is direct or cross connect. The
Ethernet cable must be a direct cable.
If you are connecting the Unimax+ to a cross over HUB then you should use a cross over cable.
Link LED on RJ-45 port is always green but does not connect on Internet.
In this case, the connected PC’s LAN card supports only 10Mbps but PC OS
(Operating System) is set to 100Mbps. Please change the PC environment to support 10Mbps.
Software Issues
I need to set a static IP address on a PC.
By default, the Unimax+ assigns IP addresses from a range of 192.168.0.50 to
192.168.0.100 using the DHCP server. To set a static IP address on a PC, you can use an IP from the DHCP range of the Unimax+ which is not used by any other device on the network. Also you need to assign the Unimax+ IP as the default gateway on that PC. Each PC or network device that uses TCP/IP must have a unique address to identify itself in the network. If the IP address is not unique to a network, Windows will generate an “IP conflict error" message.
I need to set up a server connected to a Unimax+.
To use a server like a Web, FTP or Mail Server, you need to know the port number which is used by the respective server. For example, Port 80 (HTTP) is used for
Web; Port 21 (FTP) is used for FTP, and Port 25 (SMTP outgoing) and port 110
72
(POP3 incoming) are used for Mail Server. You can get more information by viewing the documentation provided with the server you installed.
APPLICATION
Web server
VPN IPSEC
SMTP
POP3
FTP server
PORT
80
50
25
110
21
[Table 30: Example of Port Forwarding]
PROTOCOL
All
UDP
All
All
TCP
IP ADDRESS
192.168.0.200
192.168.0.2
192.168.0.202
192.168.0.202
192.168.0.50
I can’t connect to any server or any other application.
If you are having difficulty connecting to a server or any other application, then that application might be using special port(s). If you are not sure what of what port to use, then configure this host in the Demilitarized Zone (DMZ) function. This option can be used when an application/host requires many ports or a user is not clear on which ports or protocols to use. Please disable all Port Forwarding entries when using DMZ as Port Forwarding has A priority over DMZ.
73
advertisement
Key Features
- Cellular Network Connectivity
- L2TP/IPsec VPN
- DHCP Server
- Digital I/O Control
- Web Interface
- Wide Voltage Range
Frequently Answers and Questions
What is the purpose of the Unimax Ethernet Modem Router?
What are the different models available for the Unimax Ethernet Modem Router?
What is the voltage range of the Unimax Ethernet Modem Router?
How do I configure the Unimax Ethernet Modem Router?
What are some of the key features of the Unimax Ethernet Modem Router?
Related manuals
advertisement
Table of contents
- 5 CONTACT INFORMATION
- 6 RF EXPOSURE COMPLIANCE
- 6 Caution
- 8 REVISION HISTORY
- 9 UNIMAX+ USER MANUAL
- 9 Disclaimers
- 10 INTRODUCTION
- 10 Overview
- 10 MA-2025-4G Feature set
- 10 MA-2025 Feature set
- 12 HARDWARE
- 12 Front Panel
- 13 Side Panel (Left)
- 13 Side Panel (Right)
- 13 Back Panel
- 14 SPECIFICATIONS
- 14 Mechanical
- 14 Environmental
- 14 Electrical
- 14 Hardware
- 15 PROTOCOLS & ENCRYPTIONS
- 15 PPP (Point-to-Point Protocol)
- 15 PPPoE (Point-to-Point Protocol over Ethernet)
- 16 DHCP (Dynamic Host Configuration Protocol)
- 16 NAT (Network Address Translation or Translator)
- 17 SNMP (Simple Network Management Protocol)
- 17 SNTP (Simple Network Time Protocol)
- 18 ICMP (Internet Control Message Protocol)
- 18 NAT-T
- 19 4.9.1 3DES
- 19 4.9.2 AES
- 19 4.9.3 MD
- 19 4.9.4 SHA
- 19 ISAKMP
- 21 WEB INTERFACE
- 22 Configuration Page Descriptions
- 22 Status
- 28 maXconnect
- 28 Password
- 29 Log Out
- 30 Configuration Page Descriptions – Advanced
- 30 Dynamic DNS
- 30 DoS Filters
- 32 Port Forwarding
- 33 IP Filtering
- 34 MAC Filtering
- 35 Digital I/O Control
- 37 Ping Tool
- 39 Static Route
- 39 Configuration Page Descriptions – Administrator
- 40 Backup (Save/Reload)
- 42 Time Zone
- 43 System
- 44 Upgrade Firmware
- 45 Save & Reboot
- 46 OPERATION
- 46 Modem Router Mode
- 46 Setting Host PC’s Network Environment
- 48 Bridge Mode (Not compatible to 4G Unimax+)
- 53 APPENDIX
- 53 Digital Input/output
- 53 H/W Specifications
- 53 Electrical Specifications
- 53 Diagram
- 54 Factory Default Function
- 54 Reset Button
- 54 Soft Reboot
- 54 SMS Commands
- 54 Commands
- 56 Requirements
- 58 WAN Connection – Signal Level
- 58 Setting up an SNMP Agent
- 58 Example Environment
- 58 Unimax+ Configuration
- 59 PowerSNMP Free Manager Configuration
- 61 Setting up a Unimax+ as a VPN Gateway or a VPN Client
- 61 VPN Gateway
- 62 VPN Client (L2TP over IPSec)
- 64 VPN Client (IPSec)
- 65 VPN Client (PPTP)
- 66 Advanced Settings
- 66 Connecting to a HUB
- 67 Port Forwarding
- 69 Setting DMZ Host
- 70 Troubleshooting
- 70 Hardware Issues
- 70 Software Issues