ETIC IPL-3G User manual
IPL-3G
UMTS GPRS EDGE
IP Router -RAS -firewall
_________________
USER GUIDE
Document reference : 9019409-01
_________________
Page 2User guide ref 9019409-01 UMTS GPRS EDGE router ref. IPL-3G
The IPL-3G router is manufactured by
ETIC TELECOM
13 Chemin du vieux chêne
38240 MEYLAN
FRANCE
TEL : + 33 4-76-04-20-05
FAX : + 33 4-76-04-20-01
E-mail : [email protected]
web : www.etictelecom.com
CONTENT
UMTS GPRS EDGE router ref. IPL-3G User guide ref. 9019409-01 Page 3
PRESENTATION
1SECURITY RECOMMENDATIONS ............................................................................................................................7
2CERTIFICATE OF CONFORMITY.............................................................................................................................9
3PRODUCTS IDENTIFICATION ................................................................................................................................11
4DATA-SHEET..........................................................................................................................................................13
5PRODUCT OVERVIEW............................................................................................................................................15
5.1 Functions overview ..................................................................................................................................15
5.2 Main features.............................................................................................................................................17
INSTALLATION
1DIMENSIONS ..........................................................................................................................................................19
2CONNECTORS........................................................................................................................................................19
3LED INDICATORS...................................................................................................................................................22
4DIP SWITCHES .......................................................................................................................................................24
5FACTORY DEFAULT PUSH-BUTTON.....................................................................................................................24
6MOUNTING THE PRODUCT ON A DIN RAIL OR REMOVING IT.............................................................................24
7COOLING................................................................................................................................................................26
8RS232 INTERFACE.................................................................................................................................................26
9RS485 INTERFACE.................................................................................................................................................27
10 DIGITAL INPUT AND OUTPUT ...............................................................................................................................27
11 CONNECTING THE ANTENNA................................................................................................................................27
12 INSTALLING THE SIM CARD .................................................................................................................................29
SET UP
1SET UP STEPS .......................................................................................................................................................31
2CONNECTING A PC TO THE ROUTER FOR CONFIGURATION .............................................................................32
2.1 Overview....................................................................................................................................................32
2.2 First configuration....................................................................................................................................32
2.3 Modifying the configuration from the LAN .............................................................................................33
2.4 Modifying the configuration from the WAN interface ............................................................................34
3REBOOTING THE ROUTER AFTER PARAMETERS CHANGES..............................................................................34
4RECOVERING THE FACTORY LAN IP ADDRESS...................................................................................................34
5RECOVERING THE FACTORY CONFIGURATION .................................................................................................34
../..
CONTENT
Page 4User guide ref 9019409-01 UMTS GPRS EDGE router ref. IPL-3G
… SET UP
6RESTRICTING ACCESS TO THE ADMINISTRATION SERVER...............................................................................35
7RECOVERING A FREE ACCESS TO THE ADMINISTRATION SERVER ..................................................................35
8FACTORY CONFIGURATION..................................................................................................................................35
9LAN INTERFACE SET UP......................................................................................................................................36
9.1 IP protocol .................................................................................................................................................37
9.2 DHCP server...............................................................................................................................................37
10 UMTS –GSM-GPRS-3GDGE INTERFACE SET UP.................................................................................................38
10.1 Modem menu.............................................................................................................................................38
10.2 Connection menu......................................................................................................................................38
10.3 “Control” menu .........................................................................................................................................40
11 SETTING A CONNECTION TOWARDS THE IPL-3G USING THE DYNDNS SERVICE .............................................41
12 CREATING VPN CONNECTIONS BETWEEN ROUTERS........................................................................................42
12.1 Principles...................................................................................................................................................42
12.2 IPSec VPN connections ............................................................................................................................44
12.3 TLS VPN connections ...............................................................................................................................50
13 ROUTING FUNCTIONS ...........................................................................................................................................54
13.1 Basic routing function..............................................................................................................................54
13.2 Static routes ..............................................................................................................................................55
13.3 RIP protocol...............................................................................................................................................56
14 ADDRESS AND PORT TRANSLATION ...................................................................................................................57
14.1 Port forwarding .........................................................................................................................................57
14.2 Advanced network address and port translation...................................................................................58
15 VRRP REDUNDANCY..............................................................................................................................................62
15.1 Principle.....................................................................................................................................................62
15.2 Configuring VRRP on the LAN interface..................................................................................................62
15.3 Configuring VRRP on the WAN interface................................................................................................63
16 REMOTE USERS CONNECTIONS SERVICE ...........................................................................................................64
17 REMOTE USERS CONNECTIONS...........................................................................................................................65
17.1 Principles...................................................................................................................................................65
17.2 Configuring a TLS connection.................................................................................................................66
17.3 Configuring a PPTP connection...............................................................................................................68
../..
CONTENT
UMTS GPRS EDGE router ref. IPL-3G User guide ref. 9019409-01 Page 5
… SET UP
18 M2ME_CONNECT SERVICE ...................................................................................................................................69
18.1 Overview....................................................................................................................................................69
18.2 Configuring a M2Me_Connect connection .............................................................................................70
19 USERS LIST............................................................................................................................................................71
20 FIREWALL..............................................................................................................................................................73
20.1 Overview....................................................................................................................................................73
20.2 Main filter...................................................................................................................................................74
20.3 Remote users filters..................................................................................................................................77
21 SERIAL TO IP GATEWAY.......................................................................................................................................81
21.1 Modbus menu............................................................................................................................................82
21.2 RAW TCP gateway.....................................................................................................................................84
21.3 RAW UDP gateway.....................................................................................................................................86
22 USB TO IP GATEWAY ............................................................................................................................................88
22.1 Principles...................................................................................................................................................88
22.2 Configuration ............................................................................................................................................88
23 ADVANCED FUNCTIONS........................................................................................................................................89
23.1 Adding a certificate...................................................................................................................................89
23.2 Alarms ........................................................................................................................................................89
23.3 Configuring the web portal ......................................................................................................................90
23.4 Configuring the DNS server .....................................................................................................................91
DIAGNOSTIC & MAINTENANCE
1DIAGNOSTIC MENU ...............................................................................................................................................93
2SAVING THE CONFIGURATION TO A FILE............................................................................................................95
3UPDATING THE FIRMWARE ..................................................................................................................................96
Appendix 1 :Management web server description
SECURITY
UMTS GPRS EDGE router ref. IPL-3G User guide ref. 9019409-01 Page 7
1Security recommendations
The IPL-3G is a low power radio transmission and reception device. It conforms to rules imposed to
UMTS or GSM-GPRS-EDGE terminals.
Check that using such a device is authorized at the location where you wish to install the router.
Do not use the IPL-3G router in locations with a potentially explosive atmosphere like, for instance,
petrol stations or areas where the atmosphere contains chemicals or particles.
The IPL-3G uses the UMTS radio network and wireless waves. It is why, it is not possible to
guarantee it will connect without interruption.
It is not possible to rely only the IPL-3G and the UMTS network to guarantee the security of an
automated system.
CONFORMITY
UMTS GPRS EDGE router ref. IPL-3G User guide ref. 9019409-01 Page 9
2CERTIFICATE OF CONFORMITY
The manufacturer, ETIC Telecom –13 chemin du vieux chêne –38240 Meylan –France, Hereby
declares that the listed products
Type of device :UMTS & GSM -GPRS –EDGE router
Models: IPL-3G router family
conforms to the Council Directive 1999/5/EC related to radio and telecommunication terminal
equipments.
The harmonized standards to which the equipment complies are :
Standard Title
EN301489-1Electromagnetic compatibility and Radio spectrum Matters :
Part 1 : General requirements
EN301489-7
Electromagnetic compatibility and Radio spectrum Matters :
Part 7 : Specific conditions for mobile and portable radio and ancillary equipment
of digital cellular radio
EN61000-6-2
Ed. 2001 Immunity :
EN60100-4-2 Electrostatic Discharge
EN60100-4-3 Radiated Immunity
EN60100-4-4 EFT/Burst Immunity
EN60100-4-5 Surge Immunity
EN60100-4-6 Conducted Immunity
EN61000-6-4
Ed 2001 Emission :
EN55022 radiated and conducted emission
EN60950 Security
EN50385 Human exposure to radio frequency fields exposure
EN301511 Global System for mobile communication
Gilles Bénas
Quality manager
5th december 2011
PRODUCT OVERVIEW
UMTS GPRS EDGE router ref. IPL-3G User guide ref. 9019409-01 Page 11
3Products identification
IPL-3G-G
-1400 -1400-B-1201 -1201-B-1220 -1220-B1230 1230-B
Frequency band UMTS 850 1900 / 2100 MHz
Frequency band GSM GPRS 850 / 900 / 1800 / 1900 MHz
IP router ••••••••
Remote access server PPTP or TLS -25 users ••••••••
Firewall SPI ••••••••
Serial gateway ---••-••
USB gateway --••----
25 IPSEC or SSL client or server VPNs ••••••••
RJ45 10/100 BT 4 4 2222 22
RS232 ----1122
RS485 ----11--
USB host --11----
Port forwarding ••••••••
Source IP address translation (NAT) ••••••••
SNMP ••••••••
DHCP client or server over the LAN interface ••••••••
DHCP client 3G interface ••••••••
RIP LAN & WAN ••••••••
Digital input for emails 11111111
Html Configuration ••••••••
IO Viewer compatible ••••••••
VRRP -•-•-•-•
Masquerading -•-•-•-•
M2Me_Connect -•-•-•-•
PRODUCT OVERVIEW
Page 12 User guide ref 9019409-01 UMTS GPRS EDGE router ref. IPL-3G
IPL-3G-E
-1400 -1400-B-1201 -1201-B-1220 -1220-B1230 1230-B
Frequency band UMTS 900 / 2100 MHz
Frequency band GSM GPRS 900 / 2100 MHz
IP router ••••••••
Remote access server PPTP or TLS -25 users ••••••••
Firewall SPI ••••••••
Serial gateway ---••-••
USB gateway --••----
25 IPSEC or SSL client or server VPNs ••••••••
RJ45 10/100 BT 4 4 2222 22
RS232 ----1122
RS485 ----11--
USB host --11----
Port forwarding ••••••••
Source IP address translation (NAT) ••••••••
SNMP ••••••••
DHCP client or server over the LAN interface ••••••••
DHCP client 3G interface ••••••••
RIP LAN & WAN ••••••••
Digital input for emails 11111111
Html Configuration ••••••••
IO Viewer compatible ••••••••
VRRP -•-•-•-•
Masquerading -•-•-•-•
M2Me_Connect -•-•-•-•
PRODUCT OVERVIEW
UMTS GPRS EDGE router ref. IPL-3G User guide ref. 9019409-01 Page 13
4Data-sheet
General characteristics
Dimensions 137 x 48 x 116 mm (h, l, p)
Electrical safety EN 60950-UL 1950
EMC
ESD : EN61000-4-2 : Discharge 6 KV
RF field : EN61000-4-3 : 10V/m < 2 GHz
Fast transient : EN61000-4-4
Surge voltage : EN61000-4-5 : 4KV line / earth
RoHS 2002/95/CE (RoHS)
Supply voltage IPL-3G-X-1220 & IPL-3G-X-1220-B : 10 to 30 VDC -300 mA / 24 VDC
IPL-3G-X-1230 & IPL-3G-X-1230-B : 10 to 60 VDC -300 mA / 24 VDC
IPL-3G-X-1400 & IPL-3G-X-1400-B : 10 to 60 VDC -300mA / 24 VDC
Operating T° -20°C / + 60°C Humidity 5 –95 %
Air Interface
IPL-3G-GIPL-3G-E
Frequency UMTS 850 / 1900 / 2100 MHz 900 / 2100 MHz
Frequency GSM 850/ 900 / 1800 / 1900 MHz 900 / 2100 MHz
RF power EGSM850 EGSM900 : class 4 (2 W)
GSM1800 GSM1900 : class 1 ((1 W)
Antenna Connector SMA
UMTS HSDPA HSDPA 7,2 Mb/s downlink / 384 kbps uplink
EDGE-GPRS 236,8 Kb/s downlink & uplink
GPRS Multislot class 12
Ethernet / IP router
Ethernet 10/100 BT –2 or 4 switched ports
IP router Remote connections -static routes –RIP V2
IP address
translation
Source IP @ translation (NAT)
Destination IP @ translation (DNAT)
Port translation (Port forwarding)
DNS Domain name
IP address
assignment Fixed IP @ or DHCP client or DHCP server
Security
VPN
Client or server IPSEC or TLS/SSL
Encryption 3DES
Certificate X509 or preshared key
25 VPNs maximum of the same type (TLS or IPSec)
Firewall Stateful packet inspection (50 rules)
Logs Date and time stamped logs
PRODUCT OVERVIEW
Page 14 User guide ref 9019409-01 UMTS GPRS EDGE router ref. IPL-3G
Remote access server (RAS)
User list 25 users
Connection VPN PPTP / L2TP-IPSec / TLS Open VPN
Login & password
Certificate X509
M2Me (*) VPN Compliant with the M2Me_Secure VPN client
Compliant with the M2Me_Connect mediation service
Alarms 3 inputs : emails
Serial interface (*)
RS232 1200 –115200 kb/s parity N / E / O
RS232 or RS485 (2 wires)
USB USB host interface
Serial
asynchronous to IP
gateways
Modbus master and slave
Raw TCP client and server
Telnet
RAW UDP “multicast”
unitelway
*option
PRODUCT OVERVIEW
UMTS GPRS EDGE router ref. IPL-3G User guide ref. 9019409-01 Page 15
5Product overview
5.1 Functions overview
The IPL-3G router is designed to
interconnect safely automated devices
over the UMTS 3G or the GPRS-EDGE
service
The connection can be set with devices
connected to the Internet or with devices
connected to a private IP network or
between IPL-3G routers.
VPN can be set between routers to
provide safe and full communication
between the devices connected to the
routers.
The product includes an up-to-date serial
to IP gateway, enabling to connect
devices directly to the 3G network and the
Internet.
The IPL-3G is at the same time an IP
router, a VPN client or a VPN server, a
remote access server (RAS) and a stateful
packet inspection firewall.
The IPL-3G is a member of the range
of industrial routers manufactured by
ETIC TELECOM ; that family includes :
•an ADSL router
•an Intranet router (Ethernet interfaces)
•an up to 256 VPNs server rack
•a PSTN router
•an ISDN router
•a PPP RS232 router for particular
uses.
That range makes possible to build state-
of-the-art remote control systems.
PRODUCT OVERVIEW
Page 16 User guide ref 9019409-01 UMTS GPRS EDGE router ref. IPL-3G
Due to its functions and its worldwide
3G module, the IPL-3G provides to
authorized users a remote access to
remote industrial devices or industrial
networks around the world through the
3G or GSM-GPRS network.
If the IP address assigned to the IPL-3G
router by the wireless service provider is
not fixed, It is possible to use either the
DynDNS service, or the M2Me_Connect
service provided by ETIC TELECOM.
The M2Me_Connect service makes
possible to set a secure connection
between
•A remote maintenance PC on one
hand,
•and an Ethernet or a serial Machine
network on the other hand through the
Internet.
The M2Me_Connect service is
specially efficient for remote
maintenance of automated systems.
The M2Me_Connect service makes
that connection possible and easy
even if the IP addresses of the PC on
one hand and of the Machine network
on the other hand are private and or
dynamic.
PRODUCT OVERVIEW
UMTS GPRS EDGE router ref. IPL-3G User guide ref. 9019409-01 Page 17
5.2 Main features
The IPL-3G router provides the functions hereafter.
Remark :Some features are provided only on particular models.
IP router
The IPL-3G firewall-router provides powerful, flexible and comprehensive solutions to route IP
packets between the LAN and the 3G interface.
VPNs client or server
The IPL-3G router is able to establish safe VPN tunnels.
Once a VPN is established between two IPL-3G routers , each IP device connected to the first IPL-
3G can exchange IP packets with any device connected to the other IPL-3G.
The VPN mechanism ensures at the same time end-points authentication, data integrity and
confidentiality.
The IPL-3G router is able to establish up to 25 IPSec or TLS –SSL VPNs.
Authentication can be carried-out with a pre-shared key or with a certificate.
SPI Firewall
The IPL-3G incorporates a stateful inspection firewall.
It is able to check source and destination IP addresses and port numbers for data coming the from
the WAN interface or from the LAN interface.
Remote access server
Remote users are authenticated, an IP address belonging to the LAN interface is automatically
assigned to their PC.
Moreover, The traffic coming from the PC of each remote user is filtered according to the remote user
identity.
M2Me_Connect service *
The IPL-3G is compliant with M2Me_Connect, the remote connection service provided by ETIC
TELECOM over the Internet.
Serial gateway *
The product includes an asynchronous (RS232-RS485) to IP gateway, enabling to connect
asynchronous or USB devices directly and safely to the Ethernet network.
DHCP client or server
DHCP is a standard Internet protocol that enables a DHCP server to
dynamically distribute IP addresses and configuration information to the DHCP clients.
The IPL-3G can be a DHCP client or server on its LAN interface or a DHCP client on its 3G (WAN)
interface.
Emails –sms
An email (or SMS) can be sent each time one on the two digital inputs is opened or closed.
SNMP
The IPL-3G router is an SNMP agent.
PRODUCT OVERVIEW
Page 18 User guide ref 9019409-01 UMTS GPRS EDGE router ref. IPL-3G
Html and DIP switches configuration
The IPL-3G is configured with a web server .
Two DIP switches allow to assign an IP address to the IPL-3G over the LAN interface : DHCP client
or server, factory IP address or stored IP address.
EticFinder software
The ETICFinder software is delivered with the product.
It detects the ETIC products connected to an Ethernet interface and displays the MAC address and
the iP address of each product.
M2Me_Secure VPN client software
M2Me_Secure is a TLS client able to register up to 100 VPN connections the user can set on a click.
* That feature is provided only on particular models; see the Product Identification table above.
INSTALLATION
UMTS GPRS EDGE router ref. IPL-3G User guide ref. 9019409-01 Page 19
1Dimensions
Dimensions
2Connectors
IPL-3G-X-1220 IPL-3G-X-1230
IPL-3G-X-1400
INSTALLATION
Page 20 User guide ref 99019409-01 UMTS GPRS EDGE router ref. IPL-3G
8 positions screw terminal : Supply voltage and digital input / output
Positio
nName Description
1Power 1
+IPL-3G-X-1220 or IPL-3G-X-1220-B: 10 to 30 VDC
All other models : 10 to 60 VDC
2Power 1
-GND
3Power 2
+IPL-3G-X-1220 or IPL-3G-X-1220-B: 10 to 30 VDC
All other models : 10 to 60 VDC
4Power 2
-GND
53V3 3 V DC provided by the IPL router
6In Digital input
7F + Digital output + (max 50Vdc -0,6A)
8F -Digital output -
RJ45 connector : Ethernet
Positio
nName Description
1Tx + Emission polarity +
2Tx -Emission polarity -
3Rx + Reception polarity +
4N.C -
5N.C -
6Rx -Reception polarity -
7N.C. -
8N.C. -
RS485 screw terminal
Positio
nName Description
1ARS485 polarity A
2BRS485 polarity B
RS232 RJ45 connector port 1
(To connect to a DCE to the RS232 port)
Positio
nCircuit Function
1DTR -108
OUT Data terminal ready
2TD -103 OUT Data Emission
3RD -104 IN Data Reception
4DSR -
107 IN Data set ready
5SG -102 -Ground
6Not used OUT -
7CTS -106
IN Clear to send
8RTS -105
OUT Request to send
Table of contents
Other ETIC Network Router manuals
