Beijing InHand Networks Technology Co R7X1GS Industrial Cellular Router User Manual IR7x1GS55 Series 2 6

Beijing InHand Networks Technology Co,. Ltd. Industrial Cellular Router IR7x1GS55 Series 2 6

User Manual

InRouter 700 Series User’s Manual www.inhandnetworks.com InRouter 7x1GS55 Series User’s Manual Fifth Edition, August, 2011 (For Firmware Version: 1.3.5.v2275) © 2011 InHand Networks, All rights reserved. Republication without permission is prohibited.
InRouter 700 Series User’s Manual Copyright Notice Copyright © 2011 InHand Networks All rights reserved. Reproduction without permission is prohibited. Trademarks InHand is a registered trademark of InHand Networks. Other registered marks cited in this manual represented their respective companies. Disclaimer Information in this document is subject to change without notice and does not represent an obligation on the part of InHand Networks. This user manual may include intentional technical or typographical errors. Changes are periodically made to the manual to correct such errors, and these changes are not informed in new editions. Technical Support Contact Information InHand Networks, China Tel: +86-010-64391099 Fax: +86-010-64399872 Email: support@inhandnetworks.com
InRouter 700 Series User’s Manual www.inhandnetworks.com 1 Release Notes 2011. 3. 24th: Add description for functions: 1. WOL (Wakeup Over LAN) at “Networks”Æ”LAN”; 2. SMS control (reboot/show status) at “Service”Æ”SMS”; 3. “User+X.509” mode for OpenVPN client; Add Notice: 1. WAN/LAN settings: don’t set the WAN/LAN IP as 192.168.3.1 (the default IP of DMZ port); 2011.8.21st: Add description for functions: 1. “Double Dialup”, set backup parameters for PPP dialup at “Networks”Æ”Dialup”; 2. “Double IPSec”, set backup IPSec tunnel at “VPN” Æ “IPSec Tunnels”; 3. “DHCP Relay” at “Service” Æ “DHCP Relay”; 4. “DNS Relay” at “Service” Æ “DNS Relay” 5. Enable “SSH configuration”; 6. Disable “Multi Manager” function at “System” Æ “Admin Access”; 7. “Loopback” at “Networks” Æ “Loopback”; 8. “Port Mirror” at “Networks” Æ “Port Mirror”;
InRouter 700 Series User’s Manual www.inhandnetworks.com 2 Contents Contents ...................................................................................................................................................................................... 2Introduction to InRouter 700 Series ........................................................................................................................................... 31.1Overview ................................................................................................................................................................ 41.2Package Checklist ................................................................................................................................................... 61.3Product Features ..................................................................................................................................................... 71.3.1 Interfaces ........................................................................................................................................................... 71.3.2 Functions ........................................................................................................................................................... 81.3.3 Environmental Limits ........................................................................................................................................ 91.3.4 Power Requirements .......................................................................................................................................... 91.3.5 Physical Characteristics ..................................................................................................................................... 91.3.6 Advanced Industrial Features .......................................................................................................................... 101.3.7 Device Management Software ......................................................................................................................... 101.3.8 Warranty .......................................................................................................................................................... 101.4Product Models ..................................................................................................................................................... 11Quick Installation Guide ........................................................................................................................................................... 132.1Typical Application ............................................................................................................................................... 142.2Panel Layout ......................................................................................................................................................... 142.3Quick Connection to Internet ............................................................................................................................... 162.3.1 Insert SIM Card ............................................................................................................................................... 162.3.2 Antenna Installation ......................................................................................................................................... 162.3.3 Power Supply ................................................................................................................................................... 162.3.4 Connect ............................................................................................................................................................ 162.3.5 First Connect InRouter with Your PC .............................................................................................................. 172.3.6 Start to configure your InRouter 700(Optional) .............................................................................................. 192.3.7 Connect InRouter with Internet ....................................................................................................................... 202.4Quick IPSec VPN Configuration .......................................................................................................................... 212.5Reset to Factory Defaults ..................................................................................................................................... 232.5.1Hardware Method ..................................................................................................................................... 232.5.2 Web Method ..................................................................................................................................................... 24Advanced Configuration .......................................................................................................................................................... 253.1Configuration on Web .......................................................................................................... ................................. 263.1.1 Preparation ....................................................................................................................................................... 263.1.2 System ............................................................................................................................................................. 273.1.3 Network ........................................................................................................................................................... 323.1.4 Service ............................................................................................................................................................. 403.1.5 Firewall ............................................................................................................................................................ 453.1.6 QoS .................................................................................................................................................................. 473.1.7 VPN ................................................................................................................................................................. 483.1.8 Tools ................................................................................................................................................................ 553.1.9 Status ............................................................................................................................................................... 563.2 Support ....................................................................................................................................................................... 59
InRouter 700 Series User’s Manual www.inhandnetworks.com 3 I Introduction to InRouter 700 Series ◆ Overview ◆ Product Models ◆ Product Features & Specifications ◆ Package Checklist
InRouter 700 Series User’s Manual www.inhandnetworks.com 4 1.1 Overview InRouter 700 series industrial grade routers provide users with stable and high speed connection between remote devices and customer’s center via 2.5G/3G networks. They allow wide voltage power supply (9-48V DC), large range operating temperature from -25°C to 55°C (-10 ~ 131°F)/ humidity: 95% RH, and fully satisfy various EMC verifications, which ensure stability and reliability under harsh industrial conditions. The InRouter 700 can be placed on a desktop or DIN-mounted. InRouter 700 series products support VPN (IPSec/PPTP/ L2TP/GRE/SSL VPN), which create high-security links between remote equipment and customer’s center. In Addition, InRouter 700 series products support the Device Manager remote device manage platform, which realizes remote operation including remote control, remote monitor, parameters configure, firmware upgrade, log/alarm management, information statistics/display, batch configuration/update and etc.
InRouter 700 Series User’s Manual www.inhandnetworks.com 5 Important Safety Information This product is not intended for use in the following circumstances • Area(s) where radio transmission equipment (such as cell phone) are not permitted. • Hospitals, health care facilities and area(s) where cell phones are restricted by law. • Gas stations, fuel storage and places where chemical are stored. • Chemical plants or places with potential explosion hazard. • Any metal surface that may weaken the radio signal level. RF safety distance This device complies with part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. NOTE: This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures: --Reorient or relocate the receiving antenna. -- Increase the separation between the equipment and receiver. -- Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. -- Consult the dealer or an experienced radio/TV technician for help. (c) The provisions of paragraphs (a) and (b) do not apply to digital devices exempted from the technical standards under the provisions of Section 15.103. (d) For systems incorporating several digital devices, the statement shown in paragraph (a) or (b) needs to be contained only in the instruction manual for the main control unit. (e) In cases where the manual is provided only in a form other than paper, such as on a computer disk or over the Internet, the information required by this section may be included in the manual in that alternative form, provided the user can reasonably be expected to have the capability to access information in that form. RF exposure warning This equipment must be installed and operated in accordance with provided instructions and the antenna(s) used for this transmitter must be installed to provide a separation distance of at least 20 cm from all persons and must not be co-located or operating in conjunction with any other antenna or transmitter. End-users and installers must be provide with antenna installation instructions and transmitter operating conditions for satisfying RF exposure compliance Warning This is a class B product. In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures.
InRouter 700 Series User’s Manual www.inhandnetworks.com 6 WEEE Notice The Directive on Waste Electrical and Electronic Equipment (WEEE), which entered into force as European law on 13th February 2003, resulted in a major change in the treatment of electrical equipment at end-of-life. The purpose of this Directive is, as a first priority, the prevention of WEEE, and in addition, to promote the reuse, recycling and other forms of recovery of such wastes so as to reduce disposal. The WEEE logo (shown at the left) on the product or on its box indicates that this product must not be disposed of or dumped with your other household waste. You are liable to dispose of all your electronic or electrical waste equipment by relocating over to the specified collection point for recycling of such hazardous waste. Isolated collection and proper recovery of your electronic and electrical waste equipment at the time of disposal will allow us to help conserving natural resources. Moreover, proper recycling of the electronic and electrical waste equipment will ensure safety of human health and environment. For more information about electronic and electrical waste equipment disposal, recovery, and collection points, please contact your local city centre, household waste disposal service, shop from where you purchased the equipment, or manufacturer of the equipment. 1.2 Package Checklist We put each InRouter 700 cellular router in a box with standard accessories. Additionally, there’re optional accessories can be ordered. When you receive our package, please check carefully, and if there’re items missing or appearing to be damaged, please contact with your InHand Networks sales representative. Items in package include: Standard Accessories: Accessories Description InRouter 700 Serials Wireless Router 1 Cable 1 Cross line,CAT-5,1.5M Document and Software CD 1 Antenna 5m Cellular Antenna Power Supply Power Adapter, 100-265V AC in, 12V DC out (included in IR7xx)
InRouter 700 Series User’s Manual www.inhandnetworks.com 7 Power plug, American Standard (included in IR7xx) Optional Antennas: Picture Type Description GSM/GPRS Cellular Antennas HSUPA /HSDPA/WCDMA: 850/900/1800/1900/2100 MHz GSM/GPRS/EDGE: 850/900/1800/1900MHz UMTS/HSDPA/WCDMA Cellular Antennas HSUPA /HSDPA/WCDMA: 850/900/1800/1900/2100 MHz GSM/GPRS/EDGE: 850/900/1800/1900MHz Anti-thief antenna HSUPA /HSDPA/WCDMA: 850/900/1800/1900/2100 MHz GSM/GPRS/EDGE: 850/900/1800/1900MHz Stick antenna HSUPA /HSDPA/WCDMA: 850/900/1800/1900/2100 MHz GSM/GPRS/EDGE: 850/900/1800/1900MHz 1.3 Product Features 1.3.1 Interfaces WAN Cellular WAN: Band Options: HSUPA /HSDPA/WCDMA 850/900/1900/2100MHz GSM/GPRS/EDGE 850/900/1800/1900MHz Ethernet WAN: Ethernet: 10/100 Mbps, RJ45 connector, Auto MDI/MDIX Magnetic Isolation Protection: 1.5 KV built-in LAN IR701/711/791: Number of Ports: 1 Ethernet: 10/100 Mbps, RJ45 connector, Auto MDI/MDIX
InRouter 700 Series User’s Manual www.inhandnetworks.com 8 Magnetic Isolation Protection: 1.5 KV built-in IR704/714/794: Number of Ports: 4 Ethernet: 10/100 Mbps, RJ45 connector, auto MDI/MDIX Magnetic Isolation Protection: 1.5 KV built-in Serial A. Serial Type: RS232/485 B. Data bit: 5/6/7/8 C. Stop bit: 1/2 D. Check bit: N/O/D E. Baud rate: 1,200bit/s~ 115,200bit/s SIM Interface SIM Control: 3 V 1.3.2 Functions PPP Supported VPDN/APN, fast access to virtual private dial-up network (VPDN) provided by mobile operator, ensure high-security data transmission. Support PPPoE (Point to Point Protocol over Ethernet) Protocol. Support CHAP/PAP/MS-CHAP/MS-CHAP V2 authorization Support Connection Detection, auto-recovery, auto-link, ensure reliable communication. Support On-demand connection, SMS Activity Dynamic IP Support DHCP, applied as Server/Client Dynamic DNS Support Dynamic DNS-IP Binding Flux Management Support rate limiting, Firewall Function Package filtering Port Mapping Virtual Address Mapping DMZ zone MAC addresses binding.
InRouter 700 Series User’s Manual www.inhandnetworks.com 9 Route function Support Static Routing Table VPN (not available for IR701/704) IPSec VPN L2TP VPN PPTP VPN GRE SSL VPN (for IR791/794 only) Link Backup VRRP Support VRRP protocols, realizing immediate link backup Hot Link Backup (for IR704/714/794 only) Support Wireless Hot Link Backup for cable link via only one device DNS Forwarding Support DNS Forwarding, support DNS record Network tools Support Ping, Trace Route and Telnet Wakeup Over LAN (WOL) Support Wakeup over LAN, to wakeup industrial PC over Eth. after receives SMS. RSSI + Cell ID Display 1.3.3 Environmental Limits Operating Temperature: -25 to 55°C (-10 to 158°F) Operating Humidity: 5 to 95% RH Storage Temperature: -40 to 85°C (-40 to 167°F) 1.3.4 Power Requirements Power Inputs: 1 terminal block, including power jack and serial. Input Voltage: 9 -48 VDC 1.3.5 Physical Characteristics Housing: Steel, providing IP30 protection Weight: 490g Dimensions (mm) IR701/711/791:
InRouter 700 Series User’s Manual www.inhandnetworks.com 10 IR704/714/794: 1.3.6 Advanced Industrial Features Physical Characteristics Housing: Metal, IP30 EMC Features ESD: EN61000-4-2, level 4 Surge: EN61000-4-5, Level 3 Electric Fast Transient/burst: EN61000-4-4, Level 4 RF Electromagnetic Field Immunity: EN61000-4-3, Level 3 RF conducted interference: EN61000-4-6, Level 3 Damped oscillation Immunity: EN61000-4-12, Level 3 Power-frequency electromagnetic fields Immunity: EN61000-4-8, Level 5 Anti-shock: IEC60068-2-27 Drop: IEC60068-2-32 Vibration: IEC60068-2-6 1.3.7 Device Management Software Device Manager: Centralized management solution for InHand Networks Devices 1.3.8 Warranty Warranty Period: 3 year (Optional service for 5 years) Side View DIN Rail Kit Front View Rear View DIN Rail Kit   Side View Front View Back View
InRouter 700 Series User’s Manual www.inhandnetworks.com 11 1.4 Product Models The current models of InRouter 700 Series include: InRouter 701/711/791GS55, InRouter 701/711/791WH01, InRouter 704/714/794WH01. The models are classified according to main difference including cellular network, VPN support and interface for device. Model Serial LAN Cellular WAN Ethernet WAN VPN CA X.509 base64 GPRS Models IR701GS55 RS232/485 Optional 1 RJ45 GSM/GPRS 850/ 900/1800/1900 MHz N/A N/A N/A IR711GS55 1 RJ45 N/A IPSec/PPTP/L2TP/GRE N/A IR791GS55 1 RJ45 N/A IPSec/PPTP/L2TP/GRE/SSL Support IR704GS55 1 RJ45 ADSL/DHCP/ PPPoE/Static IP N/A N/A
InRouter 700 Series User’s Manual www.inhandnetworks.com 12 IR714GS55 1 RJ45 ADSL/DHCP/ PPPoE/Static IP IPSec/PPTP/L2TP/GRE N/A IR794GS55 1 RJ45 ADSL/DHCP/ PPPoE/Static IP IPSec/PPTP/L2TP/GRE/SSL Support UMTS Models IR701WH01 RS232/485 Optional 1 RJ45 HSUPA /HSDPA/WCDMA: 850/900/1800/1900/2100 MHz GSM/GPRS/EDGE: , 850/900/1800/1900MHz N/A N/A N/A IR711WH01 1 RJ45 N/A IPSec/PPTP/L2TP/GRE N/A IR791WH01 1 RJ45 N/A IPSec/PPTP/L2TP/GRE/SSL Support IR704WH01 4 RJ45 ADSL/DHCP/ PPPoE/Static IP N/A N/A IR714WH01 4 RJ45 ADSL/DHCP/ PPPoE/Static IP IPSec/PPTP/L2TP/GRE N/A IR794WH01 4 RJ45 ADSL/DHCP/ PPPoE/Static IP IPSec/PPTP/L2TP/GRE/SSL Support EVDO 450MHz Models IR701VC80 RS232/485 Optional 1 RJ45 EVDO 450MHz Rev.A CDMA 450MHz N/A N/A N/A IR711VC80 1 RJ45 N/A IPSec/PPTP/L2TP/GRE N/A IR791VC80 1 RJ45 N/A IPSec/PPTP/L2TP/GRE/SSL Support IR704VC80 4 RJ45 ADSL/DHCP/ PPPoE/Static IP N/A N/A IR714VC80 4 RJ45 ADSL/DHCP/ PPPoE/Static IP IPSec/PPTP/L2TP/GRE N/A IR794VC80 4 RJ45 ADSL/DHCP/ PPPoE/Static IP IPSec/PPTP/L2TP/GRE/SSL Support USB Models IR701UE RS232/485 Optional 1 RJ45 USB Modem N/A N/A N/A IR711UE 1 RJ45 N/A IPSec/PPTP/L2TP/GRE N/A IR791UE 1 RJ45 N/A IPSec/PPTP/L2TP/GRE/SSL Support IR704UE 4 RJ45 ADSL/DHCP/ PPPoE/Static IP N/A N/A IR714UE 4 RJ45 ADSL/DHCP/ PPPoE/Static IP IPSec/PPTP/L2TP/GRE N/A IR794UE 4 RJ45 ADSL/DHCP/ PPPoE/Static IP IPSec/PPTP/L2TP/GRE/SSL Support
InRouter 700 Series User’s Manual www.inhandnetworks.com 13 II Quick Installation Guide ◆ Typical Application ◆ Panel Layout ◆ Quick Connect to Internet ◆ Quick IPSec VPN Configuration ◆ Reset to Factory Defaults
InRouter 700 Series User’s Manual www.inhandnetworks.com 14 2.1 Typical Application InRouter 700 series can be used to connect your device (with RS232/485/Ethernet Interface) to internet via GPRS/HSUPA cellular. Meanwhile, to ensure the security and access, InRouter 700 series support VPN, enabling remote access and secure data transmission through internet. 2.2 Panel Layout IR701/711/791:
InRouter 700 Series User’s Manual www.inhandnetworks.com 15 IR704/714/794: Interface Description Power Interface Access 9-48 V DC Power Supply Serial Access to the serial line, realizing Ethernet Ports One 10/100Base-TX RJ45 Port (IR701/711/791GS55, IR701/711/791WH01, IR701/711/791UE) Four 10/100Base-TX RJ45 Ports, (IR704/714/794UE, IR704/714/794WH01) ANTENNA 2.5G/3G antenna SIM Card Connector Put SIM card Description of LED Legend: On-- Off-- Blink-- Power on Start to run firmware Begin dial to Internet Connect to internet Upgrading firmware Restore factory default Signal Status LED Description ----- Signal: 1-9 (bad signal level, route cannot work, please check the antenna and local signal level) ------ Signal: 10-19 (Router work normally under this signal level) ------ Signal: 20-31 (Perfect signal level)
InRouter 700 Series User’s Manual www.inhandnetworks.com 16 2.3 Quick Connection to Internet 2.3.1 Insert SIM Card Open InRouter SIM/UIM card case at the button, insert the SIM card and close the case. For the external USB modem type, insert the USB card into the USB port. 2.3.2 Antenna Installation After install the IR7X1GS55, connect the interface of enhanced antenna and the interface of skin antenna and screw closely. Put the amplifier of enhanced antenna to where there receives good signal. Max allowed antenna gain is 0.5dBi. Attention: The position and angle may influence the quality of signal. 2.3.3 Power Supply Link the power supply in the product package with InRouter, watch where the InRouter Power LED on the panel is light up. If not, please connect with InHand for technical supports. You can configure IR7X1GS55 after the Power LED lights up. 2.3.4 Connect Link the IR7X1GS55 with PC: (1) Using the cable to link IR7X1GS55 with PC; (2) After the connection, you can see one LED of RJ45 Interface turns green and the other flashes. USB Modem
InRouter 700 Series User’s Manual www.inhandnetworks.com 17 2.3.5 First Connect InRouter with Your PC IR7X1GS55 Router can auto-distribute IP address for PC. Please set the PC to automatically obtain IP address via DHCP. (Based on the Windows operation system): 1) Open “Control Panel”, double click “Network Connections” icon, and enter “Network Connections” Screen. 2) Double click “Local Area Connection”, enter “Local Area Connection Status” screen: 3) Click “Properties”, enter “Local Area Connection Properties” screen Choose “Internet Protocol (TCP/IP)”, click “properties” button, ensure your PC can obtain IP and DNS address automatically. (Or you can set your PC in the subnet: 192.168.2.0/24, for example, set IP: 192.168.2.10, Net Mask: 255.255.255.0, Default Gateway: 192.168.2.1)
InRouter 700 Series User’s Manual www.inhandnetworks.com 18 Click “OK”, InRouter will allocate an IP address: 192.168.2.X, and a gateway: 192.168.2.1(the default address of IR7X1GS55). After configure TCP/IP protocols, you can use ping command to check whether the link between PC and Router is built correctly. There is an example to execute Ping command under Windows XP as below: Ping 192.168.2.1 If the screen shows: Then the link between the PC and Router is correct connected. Else if it shows: Then the connection seems not build, and you need to check thoroughly following the former instructions.
InRouter 700 Series User’s Manual www.inhandnetworks.com 19 2.3.6 Start to configure your InRouter 700(Optional) After you have finished the former steps, you can configure the Router: 1) Open IE browser, input the default IP address of the Router: http://192.168.2.1, you can see the login web below: Input “username” (default: adm) and the “password” (default: 123456), and then click “login” to enter the operation screen. 2) Change the IP configuration: Attention: After configuration, please click “apply” to activate your configuration. If you want to set your own IP of InRouter 700, please follow the instructions below: Click “Network”=>“LAN”, change the IP address to 192.168.1.254: 3) Click “Apply”, then you will see: Now the IP address of IR7X1GS55 has been reset, and in order to enter the configuration web, you need set your PC in the same subnet, for example: 192.168.1.10/24 then input the changed IP address (192.168.1.254) in your IE Browser.
InRouter 700 Series User’s Manual www.inhandnetworks.com 20 2.3.7 Connect InRouter with Internet Following the configuration steps below to enable IR7X1GS55 to connect with the internet. Click “Network”=>“Dialup”, enter dialup configuration web: Please check the APN, Dialup Number, Username and Password: Dialup Number, Username and Password are provided by local mobile operator. You can contact them for more details. The following example shows parameters provided by China Mobile, Vodafone and Cingular. Please contact with local operator for details. 1: China Mobile APN: CMNET Phone Number: *99# User Name: web Password: web 2: Vodafone APN: internet Phone Number: *99# User Name: web Password: web After correct configuration, InRouter 700 can now connect with Internet. Open IE Browser, input www.google.com, you can see the Google web as below:
InRouter 700 Series User’s Manual www.inhandnetworks.com 21 2.4 Quick IPSec VPN Configuration If you need to build a VPN tunnel to realize access to your PLC far away through internet or you need ensure the security by using VPN. Here’s a quick configuration guide of IPSec for InRouter 700 Series. Connect PC with Router to enter router configuration web, select “VPN” => “IPSec setting”: Enable NAT-Traversal (NATT): select enable. Keep alive time interval of NATT: set the “Keep alive time interval of NATT”, default is 60 seconds. Enable Compression: select enable. Please change the parameters according to concrete situation. Click “Apply” to finish configuration. 1) Select “VPN”=> “IPSec Tunnels” to check or modify parameters of IPSec Tunnels.
InRouter 700 Series User’s Manual www.inhandnetworks.com 22 Click “Add” to add a new IPSec Tunnel: Basic Parameters: set basic parameters of IPSec tunnel. Tunnel Name: name IPSec tunnel, the default is IPSec_tunnel_1. Destination Address: set to VPN server IP/domain, e.g.: the domain provided by GJJ is gjj-ovdp.3322.org. Startup Modes: select Auto Activated. Negotiation Mode: optional between Main Mode and Aggressive Mode. Generally, select Main Mode. IPSec Protocols: optional among ESP, AH. Generally, select ESP. IPSec Mode: optional between Tunnel Mode and Transport Mode. Generally, select Tunnel Mode. Tunnel Type: optional among Host-Host, Host-Subnet, Subnet-Host and Subnet-Subnet. Local Subnet: IPSec local subnet protected. E.g.: 172.16.16.0. Local Net Mask: IPSec local Net Mask protected. E.g.: 255.255.255.252. Remote Subnet: IPSec remote subnet protected. E.g.: 172.16.0.0. Remote Net Mask: IPSec remote Net Mask protected. E.g.: 255.240.0.0. Phase 1 Parameters: configure parameters during the Phase 1 of IPSec negotiation. IKE Policy: optional between 3DES-MD5-96 and AES-MD5-96, suggest selecting 3DES-MD5-96. IKE Lifetime: the default is 86400 seconds. Local ID Type: optional among FQDN, USERFQDN, IP address, suggest selecting IP address. Remote ID Type: optional among FQDN, USERFQDN, IP address, suggest selecting IP address. Authentication Type: optional between Shared Key and Certificate, generally choose Shared Key. Key: set IPSec VPN negotiating key. Phase 2 Parameters: configure parameters during the Phase 2 of IPSec negotiation. IPSec Policy: optional between 3DES-MD5-96 and AES-MD5-96, suggest selecting 3DES-MD5-96. IPSec Lifetime: the default is 3600 seconds. Perfect Forward Encryption: Optional among None, GROUP1, GROUP2 and GROUP5. This parameter should match with the server, generally, select “None”. Click “Save” to finish adding IPSec Tunnel:
InRouter 700 Series User’s Manual www.inhandnetworks.com 23 You can click “Show Detail Status” to observe the specific connection details, or click “Add” to add a new tunnel. Now you succeed to build a high-security IPSec tunnel, here’s an example: We set an IPSec Tunnel from subnet: 192.168.220.0/24 to subnet: 192.168.123.0/24, when it succeeds, the web will show: And the PC in IPSec client subnet can get access to the server’s subnet. Open command in your PC, then ping a PC in the server’s subnet: 2.5 Reset to Factory Defaults 2.5.1 Hardware Method Legend: On-- Off-- Blink-- 1) Push RESET button while powering on IR7X1GS55: 2) When you see ERROR LED turns on (about 10 seconds after powering on), stop push RESET button:
InRouter 700 Series User’s Manual www.inhandnetworks.com 24 3) After a few seconds, the ERROR LED then turns off, now push RESET button again: 4) Then you will see ERROR and STATUS blinking, which means reset to factory defaults successfully! Factory default settings: IP: 192.168.2.1 Net Mask: 255.255.255.0 Serial parameter: 19200-8-N-1 2.5.2 Web Method 1) Login the web interface of IR7X1GS55, select “System”Æ”Config Management”: 2) Click “Restore default configuration” to Reset IR7X1GS55.
InRouter 700 Series User’s Manual www.inhandnetworks.com 25 III Advanced Configuration ◆ Configuration on Web
InRouter 700 Series User’s Manual www.inhandnetworks.com 26 3.1 Configuration on Web InRouter must be correctly configured before use. This Chapter will show you how to configure via Web. 3.1.1 Preparation Firstly, connect your devices with IR7X1GS55 by cable or HUB (switch), then set the IP of PC and IR7X1GS55 in the same subnet, for example: Set PC IP to 192.168.2.50, net mask: 255.255.255.0, gateway (default IP of IR7X1GS55: 192.168.2.1 ): Open IE browser, input the IP address of IR7X1GS55: http://192.168.2.1 (default IP of IR7X1GS55). Then you’ll see the Login Web below, you need to login as Administrator. Input the username and password (default: adm/123456). Click “Login” to enter configure web:
InRouter 700 Series User’s Manual www.inhandnetworks.com 27 3.1.2 System System settings include the 9 settings: Basic Setup, Time, Serial Port, Admin Access, System Log, Config Management, Update, Reboot and Logout. (1) Basic Setup Parameters Name Description Default Example Language Choose language of configuration web Chinese English Router Name Set name of InRouter Router My InRouter Host Name Name the device/PC linked with IR7X1GS55 Router My InRouter
InRouter 700 Series User’s Manual www.inhandnetworks.com 28 (2) Time Name Description Default Router Time Display router time 1970-1-1 8:00:00 PC Time Display PC time (or the time of device linked with router) Time Zone Set time zone Custom Custom TZ string Set the string of time zone of Router CST-8 Auto Update Time Time Update Interval Disabled NTP Time Servers (after enable the Auto Update Time) Setting for NTP Time server. (Three at the most) pool.ntp.org (3) Serial Port Name Description Default Baud Rate Serial baud rate 19200 Data Bit Serial data bits 8 Parity Set parity bit of serial data. None Stop Bit Set stop bit of serial data. 1 Hardware Flow Control Enable Hardware Flow Control Disable Software Flow Control Enable Software Flow Control Disable
InRouter 700 Series User’s Manual www.inhandnetworks.com 29 (4) Admin Access Name Description Default Username/Password Username Username for configuration web login adm Old Password To change the password, you need to input the old one 123456 New Password Input new password Confirm New Password Input the new password again Management HTTP/HTTPS/TELNET/SSHD/Console Enable Select to enable Enable Service Type HTTP/HTTPS/TELNET/SSHD/Console 80/443/23/22/Blank Local Access Enable—allow manage Router by LAN(e.g.: HTTP) Disable—forbid manage Router by LAN. Enable Remote Access Enable—allow to manage IR7X1GS55 by WAN. (e.g.: HTTP) Disable—forbid to manage IR7X1GS55 by WAN. (e.g.: HTTP) Enable Allowed Access from WAN (Optional) Set the range of allowed IP address for WAN (HTTP/HTTPS/TELNET/SSHD) Control services server can be set at this time, for example 192.168.2.1/30 or 192.168.2.1-192.168.2.10 Description Describe the parameters of management (non-influence to IR7X1GS55) Other Parameters Log Timeout Set the Log Timeout, configuration web will be disconnected after timeout 500 seconds
InRouter 700 Series User’s Manual www.inhandnetworks.com 30 (5) System Log Name Description Default Log to Remote System Enable remote log server Disable IP address/Port (UDP) Set the IP and Port of remote log server Port: 514 (6) Config Management Name Description Router Configuration Import/Backup configuration file Restore default configuration Click to reset IR7X1GS55 (to enable RESET, you need to reboot IR7X1GS55) Network Provider (ISP) Used to configure the APN, username, password and other parameters of major operators (7) System Upgrade If need to upgrade system, click “System”=>”System upgrade” to enter update page, then follow the steps below: Click “Browse”, choose the upgrade file;
InRouter 700 Series User’s Manual www.inhandnetworks.com 31 Click “update”, and then click “sure” to begin update as it shows below. Upgrade firmware succeed, and click “reboot” to restart IR7X1GS55. (8) Reboot If you need to reboot system, please click ”System”=>”Reboot”, Then click ”OK” to restart system. (9) Logout If you need to logout system, click “System”=>”Logout”, and then click “OK”.
InRouter 700 Series User’s Manual www.inhandnetworks.com 32 3.1.3 Network Network settings include configurations of Dialup, LAN, DNS, DDNS, Static Route, and etc. (1) Dialup Name Description Default Enable Enable PPP dialup Enable Time Schedule Set time for online and offline ALL SHARED Enabled—device linked with Router Can access to internet. Disable—device Can NOT access to internet via Router. Enable ISP Select local ISP, if not listed here, please select ”Customer” Customer Network Select Type Choose mobile network type HSDPA (or GPRS) APN APN parameters provided by Local ISP, you can set TWO different group of dialup parameters (APN/Username/Password) and set one as backup cmnet/uninet
InRouter 700 Series User’s Manual www.inhandnetworks.com 33 Access Number Dialup parameters provided by Local ISP “*99#”“*99***1#” or #777 Username Dialup parameters provided by Local ISP “gprs” or ”CDMA” Password Dialup parameters provided by Local ISP “gprs” or ”CDMA” Primary Profile Retries After retries and dialup still failed, router will try backup dialup parameters (if you have set two IPSec tunnels and one as backup, router will also stop the main one and try another, more details please see at “VPN” Æ “IPSec” ) 0 (always use main parameters and never use backup) Static IP Enable Static IP if your SIM card can get static IP address Disable Connection Mode Optional Always Online, Always Online Redial Interval When Dial fails, InRouter will redial after the interval 30 seconds Show Advanced Options Enable configure advanced options Disabled Initial Commands Used for advanced parameters Blank Dial Timeout Set dial timeout (IR7X1GS55 will reboot after timeout) 120 seconds MTU Set max transmit unit 1500 MRU Set max receive unit 1500 TX Queue Length Set length of transmit queue 3 Enable IP header compression Enable IP header compression Disabled Use default asyncmap Enable default asyncmap, PPP advanced option Disabled Using Peer DNS Click Enable to accept the peer DNS Enabled Link Detection Interval Set Link Detection Interval, you need to disable 30 seconds Link Detection Max Retries Set the max retries if link detection failed 3 Debug Enable debug mode Enable Expert Option Provide extra PPP parameters, normally user needn’t set this. Blank ICMP Detection Server Set ICMP Detection Server, blank represents none Blank ICMP Detection Interval Set ICMP Detection Interval 30 seconds ICMP Detection Timeout Set ICMP Detection Timeout (IR7X1GS55 will reboot if ICMP time out) 5 seconds ICMP Detection Max Retries Set the max number of retries if ICMP failed 5 Dialup----Time Schedule Management: Name Description Default Name Name the schedule schedule 1 Sunday Blank Monday Enable Tuesday Enable Wednesday Enable Thursday Enable Friday Enable Saturday Blank Time Range 1 Set Time Range 1 9:00-12:00 Time Range 2 Set Time Range 2 14:00-18:00 Time Range 3 Set Time Range 3 0:00-0:00 Description Describe configuration Blank
InRouter 700 Series User’s Manual www.inhandnetworks.com 34 (2) WAN (for InRouter704/714/794 only) This page is to set the type of WAN port: Name Description Default Type Static IP; Dynamic Address(DHCP); ADSL Dialup(PPPoE); Disabled Disabled Attention: There can only be one WAN type at one time, enabling one type WAN will disabled another. WAN—Static IP Notice: please DO NOT set WAN address as: 192.168.3.x (an IP for DMZ port). Name Description Default Type Static IP SHARED Enabled—the local device linked with Router can get access to internet. Disable—the local device can’t get access to internet via Router. Enable MAC Address Set MAC Address IP Address Set WAN port IP 192.168.1.29 Net Mask Set WAN port Net Mask 255.255.255.0 Gateway Set WAN Gateway 192.168.1.1 MTU Set Max Transmission Unit, optional between default and manual 1500 Multi-IP Settings(can set 8 additional IP address at the most) IP address Set the additional IP address of LAN Blank Net Mask Set Net Mask Blank Description Describe the settings Blank
InRouter 700 Series User’s Manual www.inhandnetworks.com 35 WAN—Dynamic Address (DHCP) Name Description Default Type Dynamic Address (DHCP) SHARED Enabled—the local device linked with Router can get access to internet. Disable—the local device can’t get access to internet via Router. Enable MAC Address Set MAC Address MTU Set Max transmission unit, optional between default and manual 1500 WAN --ADSL Name Description Default Type ADSL Dialup (PPPoE) SHARED Enabled—the local device linked with Router can get access to internet. Disable—the local device can’t get access to internet via Router. Enable MAC Address Set MAC Address MTU Set Max Transmission Unit, optional between default and manual 1500 ADSL Dialup (PPPoE) Settings
InRouter 700 Series User’s Manual www.inhandnetworks.com 36 Username Set username for dialing up Blank Password Set password for dialing up Blank Static IP Enable Static IP Disabled IP address Static IP Address Blank Peer IP Set Peer IP Blank Connection Mode Set connection mode (Connect on Demand/Always Online/ Manual) Always Online Advanced Options Show advanced options Enable advanced configuration Disabled Service Name Name the service Blank TX Queue Length Set TX Queue Length 3 Enable IP head compression Click to enable IP head compression Disabled User Peer DNS Enable User Peer DNS Disabled Link Detection Interval Set link detection interval 55 seconds Link Detection Max Retries Set link detection max retries 10 (times) Debug Select to enable debug-mode Disabled Expert Options Set expert parameters Blank ICMP Detection Server Set ICMP Detection Server Blank ICMP Detection Time Set ICMP Detection Time 30 ICMP Detection Timeout Set ICMP Detection Timeout 3 ICMP Detection Max Reties Set ICMP Detection Max Reties 3 (3) Link Backup (for IR704/714/794 only) Link Backup, to realize link backup between Cellular WAN and Ethernet WAN, when one fails, IR7X1GS55 will try the other Name Description Default Enable Enable Link Backup service Disabled Main Link InRouter will choose this for normal WAN connection WAN (Ethernet WAN) ICMP Detection Server ICMP can ensure a link to certain destination ICMP Detection Interval Time interval between ICMP packages 10 ICMP Detection Timeout Timeout for each ICMP package 3 (seconds) ICMP Detection Max Retries After the retries if no ICMP succeed, dialup will try the backup link 3 Backup Link Select the backup link WAN
InRouter 700 Series User’s Manual www.inhandnetworks.com 37 (4) LAN Notice: please DO NOT set LAN address as: 192.168.3.x (an IP for DMZ port). Name Description Default MAC Address The MAC address in LAN 00:10:A1:86:95:02 (Provided by InHand) , for manufactures IP Address Set IP Address in LAN 192.168.2.1 (If Changed, you need to input the new address for entering the configuration web) Net Mask Set Net Mask of LAN 255.255.255.0 MTU Set MTU length, optional between Default and Manual 1500 Detection Host Set Detection Host Address 0.0.0.0 WOL MAC Address Set the MAC of PC in the LAN of router, for Wakeup Over LAN (WOL) function, you should also set “Networks”Æ “Dialup” and change dialup mode into “Trigger by SMS”. Blank Multi-IP Settings (Support additional 8 IP addresses at the most) IP Address Set additional IP Address of LAN Blank Description Description about this IP address Blank (5) Loopback
InRouter 700 Series User’s Manual www.inhandnetworks.com 38 Name Description Default IP Address The IP Address for loopback 127.0.0.1 Net Mask Set Net Mask of loopback host 255.0.0.0 Multi-IP Settings (Support additional 8 IP addresses at the most) IP Address/Net mask Set additional IP/Net mask of loopback host Blank Description Description about this IP address Blank (6) DMZ Port (for InRouter704/714/794 only) Configure this page after select WAN-DMZ-LAN mode in Port Mode page. Name Description Default MAC Address Set MAC address of DMZ port (Provided by Manufacture: InHand) IP Address Set IP Address of DMZ port 192.168.3.1 Net Mask Set Net Mask of DMZ port 255.255.255.0 MTU Optional between Default & Manual Default (1500) Multi-IP Settings (8 additional IP address at the most) IP Address Set additional IP address for DMZ port Blank Net Mask Set Net Mask Blank Description Description of additional IP address Blank (7) Port Mode (for InRouter704/714/794 only) Notice: please DO NOT set WAN IP/LAN IP/DMZ IP the same; it will disable your link to internet! Name Descriptions Default Port Mode LAN (four LAN ports) WAN-LAN (3 LAN ports and 1 WAN port) WAN-DMZ-LAN
InRouter 700 Series User’s Manual www.inhandnetworks.com 39 WAN-DMZ-LAN (1 WAN port, 1 DMZ port and 2 LAN ports) (8) Port Mirror (for InRouter704/714/794 only) This function is used for Engineer capture packages of different ports of IR7X1GS55. Destination Port: the port to which you wand to send the copied packages. Here we set Port 3 as example, after you set Port 1 as destination port, and Port 3“Both”, you can link your PC to Port 1 and get the packages sent and received by Port 3. (9) DNS Name Description Default Primary DNS Set Primary DNS Blank Secondary DNS Set Secondary DNS Blank (10) DDNS (Dynamic DNS) Name Description Default Current Address Show the current IP address Blank Service Type Select DDNS Provider Disabled
InRouter 700 Series User’s Manual www.inhandnetworks.com 40 Name Description Default Service Type DynDNS - Dynamic URL http://www.dyndns.com/ Username Registered username for DDNS Password Registered password for DDNS Hostname Registered hostname for DDNS (11) Static Route Name Description Default Destination Set IP address of destination Blank Net Mask Set subnet Mask of destination 255.255.255.0 Gateway Set the gateway of destination Blank Interface Optional LAN/WAN port access to destination Blank Description Describe static route Blank 3.1.4 Service Service settings include DHCP Service, DNS Forwarding, VRRP and other related parameters.
InRouter 700 Series User’s Manual www.inhandnetworks.com 41 (1) DHCP Service Name Description Default Enable DHCP Click to enable DHCP Enable IP Pool Starting Address Set the starting IP address of DHCP pool 192.168.2.2 IP Pool Ending Address Set the ending IP address of DHCP pool 192.168.2.100 Lease Set the valid time lease of IP address obtained by DHCP 60 minutes DNS Set DNS Server 192.168.2.1 Windows Name Server (WINS) Set WINS Blank Static DHCP (can set 20 designated IP address at the most) MAC Address Set the MAC address of a designated IP address Blank IP address Set the static IP address 192.168.2.2 Host Set the hostname Blank (2) DNS Relay Name Description Default Enable DNS Relay Click to enable DNS Relay Disabled Designate IP address<=>DNS couples (20 at the most) IP Address Set IP address <=> DNS couples Blank Host Set the name of IP address <=> DNS couples Blank Description Describe IP address <=> DNS couples Blank
InRouter 700 Series User’s Manual www.inhandnetworks.com 42 (3) DHCP Relay This function can realize DHCP relay and send relay packages to LAN interface of router. Name Description Default Enable DHCP Relay Click to enable DHCP Relay Enable (after enable DHCP) DHCP Server Set the DHCP Server’s address, always you need ensure DHCP server is in the same LAN or VPN subnet as IR7X1GS55’s LAN Blank Source IP The interface IR7X1GS55 will forward the DHCP acknowledge packages (always set the LAN IP of IR7X1GS55) Blank (4) VRRP Name Description Default Enable Select to enable VRRP Disable Group ID Select group id of routers (range 1-255) 1 Priority Select priority for router (range 1—254) 10 (bigger number stands for higher priority) Advertisement Interval Set ad interval 60 sec Virtual IP Set Virtual IP Blank Authentication Type Optional: None/Password type None
InRouter 700 Series User’s Manual www.inhandnetworks.com 43 (5) Device Manager Name Description Default Mode Disabled/Only SMS/SMS+IP Disable Name Description Default Mode Only SMS Query SMS Interval Set how long to check SMS 24 hours Trust Phone List Add trust Cell Phone List Name Description Default Mode SMS+IP Mode Vendor Set Vendor Name Default Device ID Set Device ID Server Set Device Manager Server IP Port Set Port For DM 9000 Login Retries Set login retries 3 Heartbeat Interval Set interval of heartbeat 120 Packet Receiving Timeout Set packet receiving timeout 30
InRouter 700 Series User’s Manual www.inhandnetworks.com 44 Packet Transmit Retries Set packet transmit reties 3 Query SMS Interval Set how long to check SMS 24 Trust phone list Set trust cell phone list (6) DTU Name Description Default Enable Click to enable DTU Disable DTU Protocol Set DTU protocol, Please see more in related Quick Guide Transparent Protocol Optional between TCP/UDP UDP Work Mode Set DTU as client or server Client DTU ID Set ID of DTU Blank Multi Server Set the IP address and Port of server to receive data. Blank (7) SMS Name Description Default Enable Click to enable SMS control Disable Status Query Set Status Query SMS, and you can see status of router by send SMS (e.g.: show status). Reboot Let the router reboot SMS Access Control Default Policy Block or Accept control SMS from certain Phone Block
InRouter 700 Series User’s Manual www.inhandnetworks.com 45 Phone List Include phone numbers accepted or blocked to send SMS to router Notice: before using this function, please notice you have a SIM card with SMS function in the router, else, please contact local mobile operator. SMS you will get in your mobile phone: Host: (SN); Uptime: (the uptime of router for this time of reboot); State: (Online/Offline) (Cellular WAN IP) LAN: (Up) (LAN IP) (8) LLDP (Link Layer Discovery Protocol) Name Description Default Enable Click to enable LLDP Disable Tx Interval Set DTU protocol Transparent 3.1.5 Firewall This page is to set parameters concerned with firewall. (1) Basic Configuration Name Description Default Default Filter Policy Optional between Accept /Refused Accept Block Anonymous WAN Request (ping) Click to enable filer ping request Disable Filter Multicast Click to enable filter multicast Enable Defend DoS Attack Click to enable Defend DoS Attack Enable (2) Filtering Name Description Default
InRouter 700 Series User’s Manual www.inhandnetworks.com 46 Enable Click to enable filtering Blank Protocol Optional among TCP/UDP/ICMP All Source IP address Set Source IP address Blank Source Port Set Source Port Blank Destination IP Set destination IP Blank Destination Port Set destination port Blank Action Accept/Deny Accept Log Click to enable login Disable Description Describe your configuration Blank (3) Port Mapping Name Description Default Enable Click Enable Port Mapping Disable Source To fill with source IP 0.0.0.0/0 Service Port Fill the port of service 8080 Internal Address Set the internal IP for mapping Blank Internal Port Set the Port mapping to internal 8080 Log Click to enable log about port mapping. Disable Description Describe meanings of each mapping Blank (4) Virtual IP Mapping An internal PC’s IP can match to a virtual IP, and external network can access to internal PC via this virtual IP address. Name Description Default Virtual IP for Router Set Virtual IP for Router Blank Source IP Range Set range of source IP address Blank Virtual IP Set virtual IP Blank Real IP Set real IP Blank
InRouter 700 Series User’s Manual www.inhandnetworks.com 47 Log Enable logging concerned with virtual IP Disable Description Describe this configuration Blank (5) DMZ (All Port Mapping) Mapping all the ports and then external PC can get access to all the ports of internal device behind IR7X1GS55. Attention: this function cannot help to map the admin port of IR7X1GS55 (e.g.: 80 TCP) to the device’s port. Name Description Default Enable DMZ Click to Enable DMZ Disable DMZ Host Set host IP of DMZ Blank Source Address Range Set IP address with restrict IP access Blank (6) MAC-IP Bundling When firewall denies all access to the external network, only PC with MAC-IP Bundling can access to external network Name Description Default MAC Address Set Bundling Mac address Blank IP Address Set Bundling IP address 192.168.2.2 Description Describe this configuration Blank 3.1.6 QoS Name Description Default Enable Click to enable Disable Outbound Limit Max Bandwidth Set the limit speed of out- bound bandwidth 100000kbit/s Inbound Limit Max Bandwidth Set the limit speed of inbound bandwidth 100000kbit/s
InRouter 700 Series User’s Manual www.inhandnetworks.com 48 3.1.7 VPN This page introduces the parameters set in InRouter 700’s Web. (1) IPSec Settings (For IR711/791/714/794 only) To build an IPSec VPN Tunnel, you need first set IPSec properties in this page, then turn to IPSec Tunnels to add your VPN: IPSec Settings Description: 1. Select to Enable or Disable NATT, normally we need to enable, unless you ensure there is no NAT routers in the network. 2.Select to enable Compression Mode or Debug Name Description Default Enable NAT Transversal (NATT) Click to enable NATT Enable Keep alive time interval of NATT Set live time for NATT 60 sec Enable Compression Click to enable Enable Enable Debug Click to enable Disable Force NATT Click to enable Disable (2) IPSec Tunnels (For IR711/791/714/794 only) Click “Add” and enter the configuration web:
InRouter 700 Series User’s Manual www.inhandnetworks.com 49 Name Description Default Show Advanced Options Click to enable advanced options Disable Basic Parameters Tunnel Name To name the tunnel IPSec_tunnel_1 Destination Address Set the destination address of IPSec VPN Server Blank Startup Mode Auto Activate/Trigged by Data/Passive/Manually Activated Enable Negotiation Mode Optional: Main Mode or Aggressive Mode Main Mode IPSec Mode (Enable Advanced options) Optional: ESP or AH ESP IPSec Mode Optional: Tunnel Mode or Transport Mode Tunnel Mode
InRouter 700 Series User’s Manual www.inhandnetworks.com 50 (Enable Advanced options) Tunnel Type Optional: Host——Host, Host——Subnet, Subnet——Host, Subnet——Subnet Subnet——Subnet Mode Local Subnet Set IPSec Local Protected Subnet 192.168.2.1 Local Subnet Net Mask Set IPSec Local Protected Subnet Net Mask 255.255.255.0 Remote Subnet Address Set IPSec Remote Protected Subnet Blank Remote Subnet Net Mask Set IPSec Remote Protected Subnet Net Mask 255.255.255.0 Phase 1 Parameters IKE Policy Optional: 3DES-MD5-96 or AES-MD5-96 3DES-MD5-96 IKE Lifetime Set IKE 的 Lifetime 86400 sec Local ID Type Optional: FQDN, USERFQDN, or IP Address IP Address Local ID (Only for FQDN 和 USERFQDN) Set the ID according to ID type Blank Remote ID Type Optional: FQDN, USERFQDN, or IP Address IP Address Remote ID (Only for FQDN and USERFQDN) Set the ID according to ID type Blank Authentication Type Optional: Shared Key or Certificate Shared Key Key (While choosing Shared Key Authentication Type) Set IPSec VPN Negotiation Key Blank Phase 2 Parameters IPSec Policy Optional: 3DES-MD5-96 or AES-MD5-96 3DES-MD5-96 IPSec Lifetime Set IPSec Lifetime 3600sec Perfect Forward Secrecy (PFS) Optional: Disable, GROUP1, GROUP2, GROUP5 Disable ((Enable Advanced options) Link Detection Parameters (Enable Advanced options) DPD Time Interval Set DPD Time Interval 60sec DPD Timeout Set DPD Timeout 180sec ICMP Detection Server Set ICMP Detection Server Blank ICMP Detection Local IP Set ICMP Detection Local IP ICMP Detection Interval Set ICMP Detection Interval 30sec ICMP Detection Timeout Set ICMP Detection Interval 5sec ICMP Detection Max Retries Set ICMP Detection Max Retries 3 (3) GRE Tunnels (For IR711/791/714/794 only) GRE Tunnels Name Description Default
InRouter 700 Series User’s Manual www.inhandnetworks.com 51 Enable Click Enable Enable Tunnel Name Set GRE Tunnel Name tun0 Local Virtual IP Set Local Virtual IP 0.0.0.0 Remote Address Set Remote Address 0.0.0.0 Remote Virtual IP Set Remote Virtual IP 0.0.0.0 Remote Subnet Address Set Remote Subnet Address 0.0.0.0 Remote Subnet Net Mask Set Remote Subnet Net Mask 255.255.255.0 Key Set Tunnel Key Blank NAT Click Enable NAT Function Disable Description Add Description Blank (4) L2TP Clients (For IR711/791/714/794 only) Name Description Default Enable Click Enable Enable Tunnel Name Set Tunnel Name L2TP_TUNNEL_1 L2TP Server SetL2TP Server Address Blank Username Set Server Username Blank Password Set Server Password Blank Server Name Set Server Name l2tpserver Startup Modes Set Startup Modes: Auto Activated, Trigged by Data, Manually Activated Auto Activated Authencation Type Set Authencation Type: CHAP, PAP CHAP Enable Challenge secrets Set to enable Challenge secrets Disable Local IP Address Set Local IP Address Blank Remote IP Address Set Remote IP Address Blank Remote Subnet Set Remote Subnet Blank Remote Subnet Net Mask Set Remote Subnet Net Mask 255.255.255.0 Link Detection Interval Set Link Detection Interval 60 Max Retries for Link Detection Set Max Retries for Link Detection 5
InRouter 700 Series User’s Manual www.inhandnetworks.com 52 Enable NAT Click Enable NAT Disable MTU Set MTU parameters 1500 MRU Set MRU parameters 1500 Enable Debug Mode Click Enable Debug Mode Disable Expert Options Set Expert Options Blank (5) PPTP Clients (For IR711/791/714/794 only) Name Description Default Enable Click Enable Enable Tunnel Name Set Tunnel Name PPTP_TUNNEL_1 PPTP Server Set PPTP Server Address Blank Username Set Server Username Blank Password Set Server’s Password Blank Startup Mode: Set Startup Modes: Auto Activated, Trigged by Data, Manually Activated Auto Activated Authencation Type Set Authencation Type: CHAP, PAP, MS-CHAPv1, MS-CHAPv2 Auto Local IP Address Set Local IP Address Blank Remote IP Address Set Remote IP Address Blank Remote Subnet Set Remote Subnet Blank Remote Subnet Net Mask Set Remote Subnet Net Mask 255.255.255.0 Link Detection Interval Set Link Detection Interval 60 Max Retries for Link Detection Set Max Retries for Link Detection 5 Enable NAT Click Enable NAT Blank Enable MPPE Click Enable MPPE Blank Enable MPPC Click Enable MPPC Blank MTU Set MTU parameters 1500
InRouter 700 Series User’s Manual www.inhandnetworks.com 53 MRU Set MRU parameters 1500 Enable Debug Mode Click Enable Debug Mode Blank Expert Options For InHand R&D only Blank (6) Open VPN Tunnels (for IR791/794 only) In the configuration WEB of 700, select “VPN”=> “Open VPN Tunnels” as below: Click “Add” to add a new Open VPN tunnel: Name Description Tunnel name Can’t be set Enable Enable this configuration Mode Client or Server Protocol UDP or TCP
InRouter 700 Series User’s Manual www.inhandnetworks.com 54 (7) Open VPN Advanced (for IR791/794 only) This configuration page is only used for the Open VPN Server. Name Description Enable Client-to-Client Enable client access to other clients Client Management Tunnel Name Tunnel Name of the Client Username/Common Name Username (using Username/password mode) or Common Name in CA (CA mode) Port Import or Export Certificate (CRL) OPEN VPN Server OPEN VPN Server’s IP or DNS Authencation Type (1) None ----- for host to host connection (not available when 700 as server) (2) Pre-shared Key ----- for host to host connection (not available when 700 as server) (3) User/Password ----- For multi users to access CA needed: Client: root CA (ca.crt) Server: root CA (ca.crt), public key (pub.crt), private key (pri.key) (4) X.509 Cert (multi-client) ----- CA mode for multi users to access CA needed: Client: root CA (ca.crt), public key (pub.crt), private key (pri.key) Server: root CA (ca.crt), public key (pub.crt), private key (pri.key) (5) X.509 Cert -----CA mode for host to host tunnel CA needed: Client: root CA (ca.crt), public key (pub.crt), private key (pri.key) Server: root CA (ca.crt), public key (pub.crt), private key (pri.key) (6) User+X.509 mode------username + password + CA certificate CA needed: Client: root CA (ca.crt), public key (pub.crt), private key (pri.key) Server: root CA (ca.crt), public key (pub.crt), private key (pri.key) Pre-shared Key Set shared key or TLS-AUTH static password Remote Subnet, Remote Net mask Set the static route of the router, always towards the subnet of its peer Link Detection Interval, Link Detection Timeout Always use default Renegotiate Interval Always use default Enable NAT Set NAT mode, meanwhile it will disable route mode Enable MPPE Enable MPPE, always set in server Enable LZO Enable LZO compression Encryption Algorithms Set encryption algorithms, must match with the server MTU, Max Fragment Size Always use default
InRouter 700 Series User’s Manual www.inhandnetworks.com 55 Local Static Route The client subnet Remote Static Route The server subnet Attention: CA can only be produced by customer’s PC; InRouter 700 cannot produce CA. (8) Certificate Management (for IR791/794 only) Name Description Default Enable SCEP (Simple Certificate Enrollment Protocol) Click Enable Certificate Protected Key Set Certificate Protected Key Blank Certificate Protected Key Confirm Confirm Certificate Protected Key Blank Import/Export CA Certificate Import or Export (CA) Certificate Blank Import/Export Certificate (CRL) Import or Export Certificate (CRL) Blank Import/Export Public Key Certificate Import or Export Public Key Certificate Blank Import/Export Private Key Certificate Import or Export Private Certificate Blank 3.1.8 Tools Tools contain PING Detection, Route Trace, Link Speed Test and etc. (1) PING Name Description Default Host Destination for PING Blank Ping Count Set PING Counts 4 times Packet Size Set PING Packet Size 32 Bytes Expert Options Advanced parameters Blank
InRouter 700 Series User’s Manual www.inhandnetworks.com 56 (2) Trace Route Name Description Default Host Destination for Trace Route Blank Max Hops Set Max Hops 20 Time Out Set Time Out 3 sec Protocol Optional: ICMP/UDP UDP Expert Options Advanced parameters Blank (3) Link Speed Test Test link speed via unload or download 3.1.9 Status Status contains System, Modem, Network Connections, Route Table, Device List and Log. (1) System Status This page shows the status of system, including Name, Model Type, Current Version and etc.
InRouter 700 Series User’s Manual www.inhandnetworks.com 57 (2) Modem Status This page shows the status of Modem, including the signal level. (3) Network Connections This page shows the network connections via WAN or LAN (4) Route Table This page shows the route table of IR7X1GS55.
InRouter 700 Series User’s Manual www.inhandnetworks.com 58 (5) Device List This page shows the devices linked with IR7X1GS55. (6) Log This page shows the log of system, including download log file. For some situation when there’re some problems that can’t be diagnosed at the moment, you’ll be asked to provide the diagnose log to InHand engineers, you can click “Download System Diagnosing Data” then send the diagnose log to us.
InRouter 700 Series User’s Manual www.inhandnetworks.com 59 3.2 Support In case you have problems with the installation and use, please address them to us by e-mail: support@inhandnetworks.com. Copyright © 2011 InHand Networks, All rights reserved. Tel: 86-10-64391099-8022 Fax: 86-10-64399872 Address: Wangjing Science Park, Road Lizezhonger, Chaoyang District, Beijing, P. R. C, 100102 Website: http://www.inhandnetworks.com Email: info@inhandnetworks.com Subject to alterations without notice.

Navigation menu