3G Cellular Modem / RouterWeb configuration reference guidewww.westermo.comREV.b 6623-3201 2008-10 Mälartryck AB, Eskilstuna, Sweden©Westermo Telei
10 6623-32011.1.5 Checking the Status of the ConnectionTo check the status of the connection select Status from the top level menu and then select Wir
100 6623-32015.6.4 Editing a Custom NATA custom NAT can be edited by clicking the pencil icon in the Edit column of the filter to be changed. Once cli
1016623-3201To save the changes click the Update button or to lose the changes click Cancel. The main page will again be displayed as shown in Figure
102 6623-32015.6.5 Deleting a Custom NATA custom NAT can be deleted by clicking the bin icon in the Delete column of the NAT to be deleted. A warning
1036623-3201The custom NAT table will be displayed with the custom NAT removed, as shown in Figure 84. 84.Figure 84: Custom NAT table after deleting a
104 6623-32016 Virtual Private Network (VPN)A virtual private network (VPN) is a communications network tunneled through another network, in the case
1056623-32016.1 Secure Sockets Layer (SSL) VPN.Secure Sockets Layer (SSL), are cryptographic protocols that provide secure communications over a commu
106 6623-32016.1.1 SSL VPN ConfigurationTo access the SSL VPN configuration page, select VPN on the main menu, the SSL VPN configuration page is the f
1076623-3201Basic Configuration optionsEnabled Check the box to enable the SSL VPN.Connection ProtocolDropdown box to select the connection protocol,
108 6623-3201CertificateSpecify the certificate to use for authentication. For details on how to load certificates refer to Section 6.5 Certificate Ma
1096623-3201Encryption algorithm Specify the encryption algorithm to use from the drop-down list, the options are:DES • Data Encryption Standard.3DES
116623-3201Figure 9: Status alarm page.
110 6623-32016.1.2 Connecting to a VPN ServerAn example of connecting to a VPN server will be described. Figure 86 illustrates the network which will
1116623-3201Select VPN on the main menu, to display the the SSL VPN con-figuration page. Figure 87 shows the MRD-3xx SSL based VPN configuration with
112 6623-3201Basic Configuration optionsEnabled: CheckedConnection Protocol: UDPTransport Type: Routed Remote address: 123.123.123.123Remote port: 119
1136623-3201Once the configuration has been completed click the Update button to save the changes. The SSL VPN will now be started and it will attempt
114 6623-3201The MRD-3xx has responded to the ping and the byte counters on the status page have increased as seen in Figure 89.Figure 89: SSL VPN sta
1156623-32016.2 Internet Protocol Security (IPsec) VPNInternet Protocol Security (IPsec) is a suite of standards and protocols for securing Internet
116 6623-32016.2.1 General IPsec ConfigurationTo access the MRD-3xx IPsec VPN configuration page click VPN on the main menu then click IPsec VPN on th
1176623-3201General IPsec ConfigurationEnabledCheck the box to enable the IPsec VPN. Default is disdisabled.NAT traversal enabled & keepalive peri
118 6623-32016.2.2 Adding an IPsec TunnelTo add an IPsec tunnel click the Add new tunnel button, this will display the first of 3 pages used to config
1196623-3201Tunnel ConfigurationIPsec Tunnel configuration is the first stage in adding a new IPsec tunnel. The options are as follows:Label Set the l
12 6623-32011.2 Configure the LAN interface and DHCP ServerTo access the configuration page for the LAN interface and DHCP Server, select Network from
120 6623-3201Local nexthop The nexthop gateway IP address for the connection to the public network. If the local interface is set to default this opti
1216623-3201Initiate tunnel Check the box to enable the tunnel initiation. If the wireless IP address is dynamic then this option would normally be en
122 6623-3201Figure 92: IPsec Phase 1 configuration.Phase 1 ConfigurationThe Phase 1 Configuration is used to set the parameters for the first phase o
1236623-3201Pre-shared key This field is used to enter the Pre-Shared Key if this method of authentication was selected. To enter a new key check the
124 6623-3201IKE proposal A set of parameters for Phase I IPSec negotiations. The param-eters are encryption algorithm, authentication algorithm and t
1256623-3201Figure 93: IPsec Phase 2 configuration.
126 6623-3201Phase 2 ConfigurationPhase 2 establishes the IPsec Security Associations (SA) parameters in order to establish an IPsec tunnel. Phase 2 h
1276623-3201Perfect forward secrecy & group In an authenticated key-agreement protocol using public key cryptography, such as Diffie-Hellman key e
128 6623-3201Tunnel NetworksThe second section on this page is used to configure the IPsec tunnel networks. Up to 3 tunnel definitions can be configur
1296623-3201AddressesFor host connections enter an IP address, for network con-nections enter an network IP address including netmask, for example 10.
136623-3201to serve IP addresses in the range 192.168.2.210 through 192.168.2.240, and the Default and Maximum lease times have been set to 1440 minut
130 6623-32016.2.3 IPsec Configuration ExampleThe following example demonstrates how to add an IPsec tunnel to the MRD-3xx, Figure 94 illustrates the
1316623-3201Figure 95: IPsec tunnel configuration.To configure the tunnel as describe the following parameters are entered:Label: TestEnabled: On (Che
132 6623-3201Once entered click the Next button to continue to Phase 1 configuration.Phase 1 ConfigurationThe Phase 1 Configuration page is shown in F
1336623-3201To achieve the configuration described the following param-eters are entered:Authentication method: Pre-shared key Pre-shared key: New:
134 6623-3201Figure 97: IPsec phase 2 and tunnel configuration.The configuration described requires the following parameters to be entered:ESP proposa
1356623-3201Tunnel Network SettingsThe local tunnel will be configured as a virtual host with the IP address 11.22.33.44 and the remote connection wil
136 6623-3201Enable IPsecTo complete the configuration in the General IPsec Configuration enable IPsec by checking the enabled check-box, and as the t
1376623-3201Figure 100: IPsec connection status.Figure 101: IPsec connection status detail.
138 6623-32016.3 PPTP and L2TP6.3.1 Point-to-Point-Tunneling-ProtocolThe Point-to-Point-Tunneling-Protocol (PPTP) is used for establishing Virtual Pri
1396623-32016.3.2 Layer 2 Tunnel ProtocolThe Layer 2 Tunnel Protocol (L2TP) is an Internet Engineering Task Force (IETF) standard which combines the b
14 6623-32011.3 Configure clients to use the MRD-3xxThe MRD-3xx will act as a gateway for connections destined over the wireless interface. The defaul
140 6623-32016.3.3 PPTP and L2TP ConfigurationTo access the PPTP & L2TP configuration page click VPN on the main menu then PPTP & L2TP on the
1416623-32016.3.4 Add a PPTP or L2TP TunnelTo add a new PPTP or L2TP tunnel click the Add new tunnel button, the Add new tunnel page will be displayed
142 6623-3201Remote host Specify the IP address or fully qualified domain name of the remote host.Domain Specify the Windows network domain. (Optional
1436623-32016.3.5 PPTP Configuration ExampleThe following is an example of connecting a PPTP tunnel to a PPTP VPN server, Figure 104 illustrates the n
144 6623-3201To access the PPTP & L2TP configuration page click VPN on the main menu then PPTP & L2TP on the sub-menu. The PPTP & L2TP pag
1456623-3201The following settings are used to configured the tunnel as described:Label: TestEnabled: On (Checked)Type: PPTPRemote host: 123.123.123.1
146 6623-3201To check the status of the page click Status on the main menu and then VPN on the sub-menu, the VPN status page will then be displayed. F
1476623-32016.4 Multiple VPN TunnelsThe MRD-3xx allows multiple VPN tunnels to operate simul-taneously. One SSL VPN, up to 3 IPsec tunnels and up to 3
148 6623-32016.5 Certificate ManagementDigital certificates are a form of digital identification used for authentication. A digital certificate contai
1496623-32016.5.1 Add a CertificateTo add a certificate click the Browse button, then navigate to the certificate and select it. In the example shown
156623-32012 System AdministrationThe System Administration functions are accessed by selecting the System tab of the main menu.2.1 AdministrationTo a
150 6623-3201To upload the certificate to the MRD-3xx click the Upload to MRD-3xx button the page will be updated and the certificate will be added to
1516623-32016.5.2 Checking the Certificate DetailsOnce uploaded the details of a certificate can be displayed by clicking view located in the detail c
152 6623-32016.5.3 Adding Further CertificatesAdditional certificates can be uploaded to the MRD-3xx, the process is the same as adding the first cert
1536623-3201An example of adding a second certificate is shown in Figure 113. In this example the file demoClient2.p12 is selected, this file contains
154 6623-32016.5.4 Deleting a CertificateA certificate can be deleted by clicking the bin icon in the Delete column of the certificate to be deleted.
1556623-3201The certificate table will be displayed with certificate removed, as shown in Figure 116.Figure 116: VPN Certificate list with the second
156 6623-32017 Serial ServerThe serial server is used to transfer data between a physical serial port and an IP connection. The IP connection can be v
1576623-3201DNP3 IP-Serial Gateway The serial server will act as a DNP3 outstation to be polled by a SCADA master. The outstation mode is configurable
158 6623-32017.2 Common configuration options7.2.1 Serial port settingsRegardless of the selected port function, each port needs to be configured to m
1596623-3201NoneNo flow control is enabled.Hardware The port will use the RTS and CTS handshake lines to control the flow of data.Software The port wi
16 6623-3201The options available are:Hostname • Set the required hostname for the MRD-3xx.• Check time with NTP Server • Set to Yes to synchronise th
160 6623-32017.2.2 Packet framer settingsThe packet framer is available for all port functions that carry raw data (these settings are not available f
1616623-3201Timeout before sendingThe timeout allows data accumulated by the framer to be sent after a specified period of serial receive inactivity.
162 6623-32017.3 Raw TCP Client/Server7.3.1 DescriptionThe serial server will create a transparent pipe between the serial port and a TCP network conn
1636623-32017.3.3 Configuring the port functionOnce the port function has been selected, click the pencil icon in the Edit column to change the config
164 6623-3201As shown in Figure 120, the following options can be set for the Raw TCP Client/Server:Network type The Raw TCP serial server can be conf
1656623-3201Failed connects before giving up For Accept and Connect network modes, the serial server will attempt to establish a connection for the nu
166 6623-32017.4 Raw UDP7.4.1 DescriptionThis function is similar to Raw TCP Client/Server mode, but uses UDP as the network transport. UDP has lower
1676623-32017.4.3 Configuring the port functionOnce the port function has been selected, click the pencil icon in the Edit column to change the config
168 6623-3201As shown in Figure: 122, the following options can be set for Raw UDP mode:Send address This is the address the serial server will send U
1696623-32017.5 Unit Emulator7.5.1 DescriptionThe serial server provides an AT command interface at the serial port that simulates a traditional dial-
176623-32012.2 System InformationThe MRD-3xx System Information is accessed by selecting the System Information tab from the System sub-menu. An examp
170 6623-32017.5.3 Configuring the port functionOnce the port function has been selected, click the pencil icon in the Edit column to change the confi
1716623-3201As shown in Figure 124, the following options can be set for the Unit Emulator:Dial out destination address This field determines how the
172 6623-3201Accept port This is the TCP port number that the server will listen for connections on.On-answer signaling When set, the emulator will be
1736623-3201DTR function This field determines the default response of the unit to changes in the Data Terminal Ready (DTR) handshaking line. The foll
174 6623-32017.6 DNP3 IP-Serial Gateway7.6.1 DescriptionThe DNP3 IP-Serial Gateway carries out translation between DNP3 Serial and DNP3 TCP protocols.
1756623-32017.6.2 Selecting the port functionThe serial server configuration is accessed by selecting Serial Server from the main menu and Port Setup
176 6623-32017.6.3 Configuring the port functionOnce the port function has been selected, click the pencil icon in the Edit column to change the confi
1776623-3201As shown in Figure 126 the following options can be set for the DNP3 Serial-IP Gateway:Station typeThe DNP3 IP-Serial Gateway can be confi
178 6623-3201Only accept data from master IP address When set, this field will cause the serial server to only accept data sourced from the address se
1796623-3201Master address and port Packets transmitted over network will always be sent to the address specified in the Master address and Master por
18 6623-32012.3 Configuration Backup & RestoreThe configuration of the MRD-3xx can be saved as a file to a PC. This file can then be used to resto
180 6623-32017.7 Modbus IP-Serial Gateway7.7.1 DescriptionThe Modbus IP-Serial Gateway carries out translation between Modbus/TCP and Modbus/RTU or Mo
1816623-32017.7.3 Configuring the port functionOnce the port function has been selected, click the pencil icon in the Edit column to change the config
182 6623-3201Connection timeout When this field is set to a value greater than 0, the serial serv-er will close connections that have had no network r
1836623-32017.8 Telnet (RFC 2217) Server7.8.1 DescriptionTelnet server mode is ideal for connecting serial terminal equipment, as a standard Telnet cl
184 6623-32017.8.2 Selecting the port functionThe serial server configuration is accessed by selecting Serial Server from the main menu and Port Setup
1856623-32017.8.3 Configuring the port functionOnce the port function has been selected, click the pencil icon in the Edit colum to change the configu
186 6623-3201As shown in Figure 130, the following options can be set for the Telnet Server:Accept port This field determines the TCP port number that
1876623-32017.9 Phone Book7.9.1 DescriptionThe Phone Book works in conjunction with the Unit Emulator to provide a translation table from traditional
188 6623-32017.9.2 Phone Book OptionsTo access the phone book options click the Add new phone book entry button on the main Phone Boook page. Figure 1
1896623-32017.9.3 Adding a new phone book entryFrom the main phone book page click the Add new phone book entry button. An example of adding a new ent
196623-3201To restore a configuration, click the Browse button in the sec-tion titled Restore a saved configuration select the configuration file, whi
190 6623-3201Click Update to save the new entry. The phone book table will be updated to include the new entry as shown in Figure 134.Figure 134: The
1916623-3201To commit the new phone book entry to the table, click the Update button. The main page will again be shown with the new entry added, as s
192 6623-32017.9.4 Editing a phone book entryA phone book entry can be editied by clicking the pencil icon in the Edit column of the entry to be chang
1936623-3201Figure 138: Main phone book page with revised entry7.9.5 Deleting a phone book entryA phone book entry can be deleted by clicking the bin
194 6623-3201Figure 139: Deleting a phone book entryThe phone book table will be displyed with the entry removed, as shown in Figure 140.Figure 140: P
1956623-32018. AT Command SetThis section lists the AT Commands support by the MRD-3x0 Modem/Router. The commands are accessed via the serial port whe
196 6623-3201Extended Command SetCommand Description Usage&C Data Carrier Detect (DCD) modeAT&C0 – DCD always onAT&C1 – DCD on while in
1976623-3201Configuration RegistersRegister Description UsageS0 Rings until incoming call is automatically answeredNo auto answer: ATS0=0Answer after
198 6623-3201Wireless Network-Specific CommandsCommand Description Usage+CREG Query the current network registration stateAT+CREG=? If registered wi
REV.b 6623-3201 2008-10 Mälartryck AB, Eskilstuna, SwedenWestermo Teleindustri AB • SE-640 40 Stora Sundby, SwedenPhone +46 16 42 80 00 Fax +46 16
2 6623-32011 Basic Configuration ... 41.1 Configure the 3G Wireless interface .. 41.1.1 Network Configuration ...
20 6623-32012.4 Firmware UpgradeThe MRD-3xx firmware can be upgraded via the web inter-face. To access the firmware upgrade page select Backup & U
216623-3201To upload the file to the MRD-3xx click the Upload button. The file will now be uploaded to the MRD-3xx and, when it is complete, informat
22 6623-32012.5 SNMPThe MRD-3xx supports SNMP for network management of the unit. The SNMP configuration page can be accessed by selecting the SNMP ta
236623-32012.6 GPIO (MRD-330 only)The MRD-330 has two general purpose digital inputs and two general purpose digital outputs, the options for these ca
24 6623-32013 Wireless Interface ConfigurationThis section describes the 3G Wireless interface options of the MRD-3xx. The MRD-3xx supports two modes
256623-32013.1 Network ConfigurationThe Wireless Network options are used to set the operat-ing mode, select the frequency band of operation and set t
26 6623-32013.1.1 Wireless Operating ModeThe MRD-3xx support two modes of operation, packet mode and Circuit Switched Data (CSD) mode. In packet mode
276623-32013.1.2 Operating Frequency BandThe MRD-3xx is capable of operating on several frequencies and using the GSM or UMTS (3G) protocols. By defau
28 6623-3201Set the field marked Enter when requested to Yes and enter the PIN in the New PIN and Confirm PIN entry boxes. Then click the Set button t
296623-32013.2 Packet Mode ConfigurationThe packet mode options are described in this section.3.2.1 Adding a Network Connection ProfileTo access the w
36623-32015.4.4 Editing a Custom Filter ...795.4.5 Deleting a Custom Filter...815.5 Port Forwarding ...
30 6623-3201The 3G network provider will provide the items listed below which should be entered into the appropriate fields in the Add new profile sec
316623-3201Figure 30: Profile added and selected.Additional profiles can be added using the same procedure, to a maximum of five profiles. This is ill
32 6623-32013.2.2 Deleting a ProfileA profile can be deleted by clicking the Bin icon located in the Delete column, for the profile to be deleted. For
336623-32013.2.3 Editing a ProfileTo edit an existing profile click on the Edit icon for the profile you wish to edit. For example to edit profile 1 i
34 6623-32013.2.4 Enable the Wireless ConnectionTo complete the configuration of the wireless connection, the connection needs to be enabled. There ar
356623-32013.2.5 Checking the Status of the ConnectionTo check the status of the connection select the Status tab from the main menu and then select t
36 6623-3201The section titeld Network Status details the quality of the service available from the 3G network.The SIM Card field will only be shown i
376623-3201Figure 38: Wireless Status page showing a SIM fault.If the Status item doesn't show • Connected, verify the fol-lowing:Operation is •
38 6623-3201Once all errors have been resolved and the MRD-3xx is con-nected to a wireless network, the Status Alarms page should have no faults liste
396623-32013.3 Connection ManagementThe MRD-3xx has numerous options for managing the wire-less network connection, these option cover two main areas,
4 6623-32011 Basic ConfigurationThe three sections below detail the steps needed to config-ure the MRD-3xx for basic packet mode functionality. For de
40 6623-32013.3.1 Connection EstablishmentThe connection establishment options are used to set the parameters for initial connection to a providers wi
416623-3201Time to spend in CSD: Specify a time in minutes to remain in CSD mode before reverting to packet mode and attempting to establish a con-nec
42 6623-32013.3.2 Connection MaintenanceThe connection maintenance refers to the tests employed by the MRD-3xx to determine that a valid network conne
436623-32013.3.3 Remote Poll SetupThe remote poll setup is used to specify the poll type to use and the address of the server to poll. A primary and s
44 6623-32013.3.4 Miscellaneous OptionsAutomatically obtain DNS: If set to Yes the DNS server address passed when a connec-tion is established will be
456623-32013.3.5 Connect on DemandThe connect on demand settings are only valid if the Wireless connection state has been set to always connect, refer
46 6623-32013.4.1 CSD Single PortThe simplest configuration for Circuit Switched Data (CSD) is single port operation, this means that when a connectio
476623-32013.4.2 CSD MultiplexedThe Circuit Switched Data (CSD) Multiplexed mode allows any one of the available MRD-3xx serial ports to be selected a
48 6623-3201For example if the guard time is set to 2 seconds and the dis-connect character is 3F (? ASCII) then the disconnect sequence would be:<
496623-3201To configure CSD Multiplexed mode complete the following steps:1. Select the Wireless tab from the main menu and then select Circuit switch
56623-32011.1.1 Network ConfigurationThe Network Configuration section contains the settings for the operational mode and the frequency band of the un
50 6623-32013.5 SMS TriggersThe MRD-3xx provides SMS triggers which can be used to change the Wireless operating mode, reboot the unit and request a s
516623-3201Figure 43: SMS Triggers configuration page.
52 6623-32013.5.2 Access ControlThe SMS Access Control allows fine control over the access to the SMS triggers. The default policy can be set to allow
536623-32013.5.2.1 Example: Default policy acceptTo set the SMS Access Control for a default action of allow and to specifically block a number, refer
54 6623-32013.5.2.2 Example: Default policy to DropTo set the SMS Access Control for a default action of drop and to specifically accept a number, ref
556623-3201Figure 46: SMS Triggers number to accept added
56 6623-32014 NetworkThis section describes the confiuration of the Network or LAN settings. This includes setting the IP Address of the MRD-3xx Unit,
576623-3201Figure 47: LAN Interface configuration.Note: Once the IP Address has been changed the new IP address will need to entered into the web brow
58 6623-32014.1.2 Disabling the LAN InterfaceBy default the LAN interface is enabled. The LAN interface can be disabled if the LAN ports are not requi
596623-32014.2 DHCP Server ConfigurationThe DHCP server allows clients on the local network to be automatically allocated IP addresses from the MRD-3x
6 6623-32011.1.3 Adding a Network Connection ProfileTo access the wireless packet mode settings click on the Packet mode tab. The screen shown in Figu
60 6623-32012. Choose a group of available IP addresses on the local network. For example, if the IP address of the MRD-3xx is 192.168.2.200 with a ne
616623-32014.4 Domain Name System (DNS)The Domain Name System (DNS) is used to resolve domain names to IP addresses. When connecting to a wireless net
62 6623-32014.4.2 Manual DNS ConfigurationThe manual DNS configuration is used to select a DNS server other than the one automatically supplied by the
636623-3201Once registration is complete follow the steps below to configure the MRD-310/330, for reference Figure 51 show an example configuration.1.
64 6623-32015 Firewall The MRD-3xx has a Stateful Packet Inspection (SPI) Firewall that controls the connections from the wireless port to the LAN por
656623-32015.1.1 Network Address and Port Translation (NAPT)As connection pass from the LAN network out the wire-less port, the firewall can perform N
66 6623-32015.1.3 Connection tracking optionsThe firewall can be configured to optionally provide connec-tion tracking and NAT support for a number of
676623-32015.2 Access ControlThe Access Control page allows configuration of the firewall to allow or deny access to internal services of the unit fro
68 6623-32015.2.1 Accessing unit services from the wireless port or VPN tunnelsThe External Access table on the Access Control page is shown in Figure
696623-32015.3 DoS FiltersA denial of service attack (DoS attack) is an attempt to render a network device unavailable to intended users. The most com
76623-3201The 3G network provider will provide the items listed below which should be entered into the appropriate fields in the Add new profile secti
70 6623-32015.3.1 Enabling the Denial of Service filtersThe Filter Description table provides a number of DOS filters, as shown in Figure 54. The filt
716623-32015.4 Custom Filters5.4.1 DescriptionCustom Filters allow new rules to be added to the firewall to allow or deny specific packets. Packets ca
72 6623-32015.4.2 New Custom Filter OptionsThe custom filter options are shown when the Add new cus-tom filter button on the Custom Filters page is cl
736623-3201The following options can be set for each custom filter:Enabled Set the Enabled check box to have the rule installed in the firewall. A rul
74 6623-3201Source address If selected, either a single address (for example, 172.16.1.132) or a subnet range (for example, 172.16.0.0/24) can be ente
756623-32015.4.3 Adding a new custom filterFrom the main Custom Filters page click the Add new custom filter button. This will select the Add new cust
76 6623-3201To save the new filter click the Update button. The main Custom Filter page will again be shown with the new filter listed, as shown in Fi
776623-3201To add a second filter, again click the Add new custom filter button. In the example shown in Figure 59, a custom filter is created which w
78 6623-3201To add the filter to the filters table click the Update button, the main page will again be shown with the new filter added, as seen in Fi
796623-32015.4.4 Editing a Custom FilterA custom filter can be edited by clicking the pencil icon in the Edit column of the filter to be changed. Once
8 6623-3201Once the data has been entered click the Update button to add the profile. The screen will now change to show the added profile as shown in
80 6623-3201To save the changes click the Update button or to lose any changes click the Cancel button. The main page will again be displayed as shown
816623-32015.4.5 Deleting a Custom FilterA custom filter can be deleted by clicking the bin icon in the Delete column of the filter to be deleted. A w
82 6623-3201The filter table will be displayed with the filter removed, as shown in Figure 64.Figure 64: Custom filter table with filter 2 removed.
836623-32015.5 Port ForwardingPort forwarding rules alter the destination address (and optionally the destination port) of packets received on the wir
84 6623-32015.5.1 Port Forward OptionsTo access the port forward options click the Add new port for-ward button on the main port forwards page. Figure
856623-3201Source address For greater security, the source addresses that the forward will be applied to can be limited. In this field, either a singl
86 6623-32015.5.2 Adding a new port forwardFrom the main port forwards page, click the Add new port forward button. This will select the Add new port
876623-3201Click Update to save the new port forward. The port forward table will be updated to include the new port forward as shown in Figure 68.Fig
88 6623-3201To add the new port forward to the port forward table click the Update button. The main page will again be shown with the new port forward
896623-32015.5.3 Editing a port forwardA port forward can be edited by clicking the pencil icon in the Edit column of the port forward to be changed.
96623-32011.1.4 Enable the Wireless ConnectionTo complete the configuration of the wireless connection, set the Connection state to Always connect and
90 6623-3201To save the changes, click the Update button or to lose changes click the Cancel button. The main page will again be displayed as shown in
916623-32015.5.4 Deleting a port forwardA port forward can be deleted by clicking the bin icon in the Delete column of the forward to be deleted. A wa
92 6623-3201The port forward table will be displayed with the port for-ward removed, as shown in Figure 74.Figure 74: Port forward table of deleting a
936623-32015.6 Custom NAT5.6.1 DescriptionCustom NAT allow new rules to be added to the firewall to carry out Network Address Translation (NAT) that i
94 6623-32015.6.2 Custom NAT OptionsTo access the Custom NAT options click the Add new custom N AT button on the main Custom NAT page. Figure 76 shows
956623-3201The following options can be set for each custom NAT:EnabledSet the enabled check box to have the rule installed in the firewall. A rule ca
96 6623-3201Source port or range If selected, packets will be matched based on their TCP or UDP source port. Either an individual port (for example, 4
976623-32015.6.3 Adding a new custom NATFrom the main port forwards page click the Add new custom N AT button. This will select the Add new custom NAT
98 6623-3201Click Update to save the new custom NAT. The custom NAT table will be updated to include the new custom NAT as shown in Figure 78.Figure 7
996623-3201To add a second custom NAT again click the Add new custom N AT button. In the example shown in Figure 79, a destination NAT is created for
Kommentare zu diesen Handbüchern