MultiConnect rcell 100 Series Cellular Routers

Similar documents
rcell 100 Series MultiConnect Cellular Routers Features Benefits

Privileged Remote Access Appliance Interface (/appliance)

Administrator's Guide

Viewing System Status, page 404. Backing Up and Restoring a Configuration, page 416. Managing Certificates for Authentication, page 418

vcloud Director User's Guide 04 OCT 2018 vcloud Director 9.5

vcloud Director User's Guide

vcloud Director User's Guide

The new ordering part numbers listed below are the product replacements for the MTCDP-EV2-xx models. New Ordering Part Number.

Configuring Cisco VPN Concentrator to Support Avaya 96xx Phones Issue 1.0. Issue th October 2009 ABSTRACT

CHAPTER 7 ADVANCED ADMINISTRATION PC

vcloud Director User's Guide

Cisco Unified Operating System Administration Web Interface

SonicOS Release Notes

Cisco Unified Operating System Administration Web Interface for Cisco Emergency Responder

Grandstream Networks, Inc. GWN7000 OpenVPN Site-to-Site VPN Guide

vcloud Director User's Guide

Remote Support Appliance Interface (/appliance)

On the left hand side of the screen, click on Setup Wizard and go through the Wizard.

SonicOS Enhanced Release Notes

Peplink SD Switch User Manual. Published on October 25th, 2018

Barracuda Firewall Release Notes 6.5.x

SonicOS Enhanced Release Notes

Table Of Contents. 1. Introduction... 1

Configuring OpenVPN on pfsense

A5500 Configuration Guide

OpenVPN protocol. Restrictions in Conel routers. Modified on: Thu, 14 Aug, 2014 at 2:29 AM

MRD-310 MRD G Cellular Modem / Router Web configuration reference guide. Web configuration reference guide

SocketModem Cell LTE Cat 1 Embedded Cellular Modems AT&T and Verizon Models

Grandstream Networks, Inc. GWN7000 Multi-WAN Gigabit VPN Router VPN Configuration Guide

RealPresence Access Director System Administrator s Guide

Network Camera Security Guide

Barracuda Link Balancer

Dell SonicWALL. NSA 220, NSA 220W and NSA 240. FIPS Non-Proprietary Security Policy

Cradlepoint to Palo Alto VPN Example. Summary. Standard IPSec VPN Topology. Global Leader in 4G LTE Network Solutions

VERTIV. RPC2 Communications Module Release Notes FIRMWARE VERSION _00109, SEPTEMBER 8, Release Notes Section Outline

Series 1000 / G Cellular Modem / Router. Firmware Release Notes

Panoramic Power Installation and configuration guide

Appliance Interface Guide (/appliance) Base 5.x

Release Note of RMCARD 202/203 Ver (Release Date: 06/09/2017):

Administrator's Guide

Security SSID Selection: Broadcast SSID:

Series 1000 / G Cellular Modem / Router. Firmware Release Notes

Quick Note 65. Configure an IPSec VPN tunnel between a TransPort WR router and an Accelerated SR router. Digi Technical Support 7 June 2018

The StrideLinx Remote Access Solution comprises the StrideLinx router, web-based platform, and VPN client.

Quick Installation Guide

User s Guide: Applied Functions

Link Platform Manual. Version 5.0 Release Jan 2017

Port Forwarding Setup (RTA1025W)

Version No. Build Date No./ Release Date. Supported OS Apply to Models New Features/Enhancements. Bugs Fixed/Changes

HP Instant Support Enterprise Edition (ISEE) Security overview

High Availability Synchronization PAN-OS 5.0.3

Cisco TelePresence Video Communication Server Basic Configuration (Single VCS Control)

SonicWALL Addendum. A Supplement to the SonicWALL Internet Security Appliance User's Guide

Defining IPsec Networks and Customers

VPN Configuration Guide. NETGEAR FVG318 / FVS318G / FVS336G / FVS338 / DGFV338 FVX538 / SRXN3205 / SRX5308 / ProSecure UTM Series

Configuration Guide. How to connect to an IPSec VPN using an iphone in ios. Overview

HT812/HT814 Firmware Release Notes IMPORTANT UPGRADING NOTE

Wireless-G Router User s Guide

HT801/HT802 Firmware Release Notes IMPORTANT UPGRADING NOTE

Cisco VXC PCoIP Configuration

IKEv2 Roadwarrior VPN. thuwall 2.0 with Firmware & 2.3.4

Wireless USB Port Multi-Functional Printer Server. Model # AMPS240W. User s Manual. Ver. 1A

Administrator's Guide

Dell SonicWALL SonicOS 6.2

HT812/HT814 Firmware Release Note IMPORTANT UPGRADING NOTE

Quick Start Guide LES1308A, LES1316A LES1332A, LES1348A. Securely manage data center and network equipment from anywhere in the world.

HP Load Balancing Module

AplombTech Smart Router Manual

SonicOS Enhanced Release Notes

Release Notes ( ) Digi TransPort LR Product Family

SCALANCE S615 SIMATIC NET. Industrial Ethernet Security SCALANCE S615 Web Based Management. Preface. Description. Technical basics

Manual Overview. This manual contains the following sections:

Feature Notes LCOS 9.20 RC2.

SonicWall SonicOS 5.9

Key Features... 2 Known Issues... 3 Resolved Issues... 5 Upgrading SonicOS Enhanced Image Procedures... 6 Related Technical Documentation...

SUPERSTACK 3 FIREWALL FIRMWARE VERSION RELEASE NOTES

Security Guide Release 4.0

Series 1000 / G Cellular Modem / Router. Firmware Release Notes

The SafeNet Security System Version 3 Overview

DPtech IPS2000 Series Intrusion Prevention System User Configuration Guide v1.0

User Manual/Web Interface

Using a VPN with Niagara Systems. v0.3 6, July 2013

How to open ports in the DSL router firmware version 2.xx and above

Configuration of Shrew VPN Client on RV042, RV042G and RV082 VPN Routers through Windows

Yealink VCS Network Deployment Solution

How to Create a TINA VPN Tunnel between F- Series Firewalls

Service Managed Gateway TM. Configuring IPSec VPN

Cisco Small Business RV320/RV325 Gigabit Dual WAN VPN Router

BlackBerry UEM Configuration Guide

Content and Purpose of This Guide... 1 User Management... 2

HT801/HT802 Firmware Release Note IMPORTANT UPGRADING NOTE

Configure Site Network Settings

How to Configure BGP over IKEv2 IPsec Site-to- Site VPN to an Google Cloud VPN Gateway

Setting Up Windows 2K VPN Connection Through The Symantec Raptor Firewall Firewall

Stonesoft Management Center. Release Notes for Version 5.6.1


SonicWALL strongly recommends you follow these steps before installing Global VPN Client (GVC) 4.0.0:

LevelOne FBR User s Manual. 1W, 4L 10/100 Mbps ADSL Router. Ver

Administrator's Guide

How to Configure a Remote Management Tunnel for an F-Series Firewall

Transcription:

Product Change Notification Software Release Notice MultiConnect rcell 100 Series Cellular Routers Date: January 16, 2019 I. Product Change Notification Number PCN #011619-00 II. Type of Change This is a software upgrade release for MultiConnect rcell 100 series cellular routers (MTR-xx models) covering 4G and 3G models that further enhances security and flexibility. III. Models covered Base model number MTR-LAT1-XX-XX MTR-LVW2-XX-XX MTR-LEU1-XX-XX MTR-H6-XX-XX MTR-H5-XX-XX MTR-EV3-XX-XX Description 4G LTE (AT&T, T-Mobile, Rogers) United States/Canada 4G LTE (Verizon) United States 4G LTE Europe 3G HSPA+ - Europe 3G HSPA+ - Global 3G EV-DO (Verizon, Sprint, Aeris) United States IV. Minimum System Requirements To install the upgrade, your device must have software (SW) version 3.4.5 or higher. If lower, please, install 3.4.5 before loading version 4.1.0 V. Current and New Software (SW) Versions Current MTR-xx SW: 4.0.5 New MTR-xx SW: 4.1.0 See release notes here: ftp://ftp.multitech.com/wireless/mtr/mtr-release-notes_4.1.0.txt VI. New features in SW Release 4.1.0 a) Software Firmware Integrity Check MultiTech Signed Firmware A private, secure, digital signature technique has been added to the firmware-loading mechanism to enable transferring the device firmware safely. The technique will defeat attempts to load invalid firmware files or files that have been subjected to damage or tampering. MultiTech signs and distributes the firmware through a secure, standard firmware distribution process, and verifies the firmware signature before it installs the firmware files to ensure integrity. PCN 011619-00 Page 1 of 5

IMPORTANT The Signed Firmware validation feature is enabled by default, and can be disabled if required. The System will always verify the signature of the firmware before the firmware upgrade starts if Signed Firmware validation is enabled. The firmware upgrade WILL FAIL and display an error message if a user tries to upgrade with unsigned firmware. The firmware upgrade WILL NOT FAIL if a user upgrades with unsigned firmware (releases 4.0 and older) and if Signed Firmware validation is disabled. b) Ciphersuite SSL/TSL communication was upgraded to use TLS 1.2 and requires ciphers offering no less than 128 bits equivalent strength - without incorporating outdated and vulnerable technologies such as compression, RC4 or MD5. c)./24 Mask Support for IP Pass through mode In PPP IP-Pass through mode now provides./24 network masks in addition to the regular./32 network masks. When users sets up PPP-IP Pass through mode using mask./32, the LAN of the connected device obtains the network settings automatically. Manual LAN configuration is not supported. The network interface of the PC that is connected to the device obtains the IPv4 Address that is retrieved from the cellular network and the IP Mask is 255.255.255.255. The default gateway is 192.168.2.1, which is the router s IP address (IP address could differ as it depends on user s settings). When the IPv4 Mask is./24, the connected device can obtain LAN settings automatically, or the LAN settings can be configured manually. To configure the LAN settings manually the user must know the IP Address that is leased by the Cellular network. This new capability enables multiple devices to connect to the MTR as opposed to just one connection with previous releases allowing for the unique management and identification of all the devices within the network. d) SNMP v3 Advanced Security Settings The 4.1.0 release supports SNMPv3 and authentication protocols MD5 and SHA1 as well as encryption protocols DES and AES-128. The SNMP server Web UI has been enhanced to allow configuring SNMPv3 security settings for SNMP configurations and SNMP trap servers providing heightened security. e) Multiple SNMP Configurations and Trap Destinations Release 4.1.0 provides the ability to configure multiple SNMP trap servers and SNMP server configurations providing increased reliability and redundancy to the system. The System now: Allows enablement of three SNMP configurations and the creation of up to five SNMP Configurations on the device at one time. Allows enablement of up to three SNMP Trap Servers and the creation of up to five SNMP Trap Servers on the device at one time. Offers a Web UI that allows the user to manager multiple SNMP Configurations and Trap Servers. f) Extended SNMP Read Parameters The SNMP read parameters have been extended with additional configuration settings. PCN 011619-00 Page 2 of 5

The following parameters were added to reflect the updated SNMP capabilities: Router System SMS Firewall DNS, DDNS SMTP, SNTP Static Routes DHCP SNTP Tunnels Syslog Diagnostics RADIUS g) Trusted IP Support A separate Firewall configuration has been added which allows setup and management of a trusted list of IP addresses. Users can add and delete trusted IPs and ports, and configure the Trusted mode as no list, white list or black list, where the white list mode is for approved incoming traffic and the black list is for IPs and ports that will be rejected. (Note: If the IP white list is enabled and the list is empty, then incoming packets from all IP addresses and ports will be dropped. If the IP black list is enabled and the list is empty, then any incoming packets from all IP addresses and ports will be allowed.) Trusted IP options are: Name IP Address Range or Subnet Destination Port (default port is ANY) By default the port shall be ANY. The System will allow a range of ports (10000:20000) to be added, the list of ports using comma (443, 82), or list of ranges and ports (10000:20000, 443, 88). Protocol (ANY, TCP/UDP, TCP, UDP) The warning message displayed if a user enables the Trusted IP White List and leaves the IP Range empty: "There are no IP addresses in the Trusted IP list. All incoming traffic will be dropped." The warning message displayed if a user enables the Trusted IP Black List and leaves the IP Range empty: "There are no IP addresses in the Trusted IP list. All incoming traffic will be allowed." h) X.509 Multiple CA Certificate Support A certificate management capability has been implemented which allows adding user s root (CA) certificates. Users can manage root certificates that can be used by different applications on the device, including RADIUS, with the new certificate manager feature. In the previous MTR releases only the certificates that were available in the /etc/ssl could be used by the applications. The user can add and delete user s root certificates in addition to the certificates from the /etc/ssl by application. All CA certificates that are uploaded, deleted or expired are logged. i) IPSec Tunnels Digital Certificate Authentication & Encryption Method Configuration The IPSec Tunnels Encryption method configuration has been enhanced and now supports both Basic and Advanced settings. The Basic IPSec tunnel configuration and authentication now requires digital certificate-based authentication in addition to pre-shared keys (PSK) for enhanced security. Encryption Methods include: 3DES, AES-128, AES-192, AES- 256. Implementation of new Basic & Advanced Settings have been added. The Advanced Configuration allows setting up Encryption, Authentication and Key Group separately for Phase 1 and Phase 2. The Advanced System allows using the following settings: Encryption Methods: 3DES, AES-128, AES-192, AES-256, ANY AES, and ANY. Authentication: MD5, SHA-1, SHA-2, SHA2-256, SHA2-384, SHA2-512, and ANY. PCN 011619-00 Page 3 of 5

Key Group: DH2 (1024-bit), DH5 (1536-bit), DH14 (2048-bit), DH15 (3072-bit), DH16 (4096-bit), DH17 (6144- bit), DH18 (8192-bit), DH22 (1024-bit), DH23 (2048-bit), DH24 (2048-bit), ANY. The System will issue a warning if the configured tunnel uses encryption or a hash algorithm that is known to be weak: Encryption: 3DES, ANY Authentication: MD5, SHA-1, ANY j) Usage Policy Page A new usage policy notification, which is displayed on the Login Page, has been added under the Administration menu which may be edited/modified by the user. The notification describes the device usage policy and is accessible to those users who are not yet authorized (logged in) over the Web UI. The policy text is shown on the login page before the user logs in. The default Usage Policy text is: This system is for the use of authorized users only. Individuals using this system without authority, or in excess of their authority, are subject to having all their activities on this system monitored and recorded by system personnel. Anyone using this system expressly consents to such monitoring and is advised that if such monitoring reveals possible evidence of criminal activity, system personnel may provide the evidence of such monitoring to law enforcement officials. k) Notifications Sent Page A new Notifications Sent page was added under the Status & Logs menu. This page will contain the details regarding attempts to send Email, SMS, or SNMP notifications. l) TLS Support for Serial-IP Modbus The System now supports a TCP connection encrypted with TSL as well as providing cipher suites and advanced security options when the SSL/TLS protocol is enabled. In addition a Web UI allowing set up of the SSL/TLS protocol is provided when the Modbus Gateway is enabled. VII. Installation Instructions There is a single binary software file supporting both installing with signed verification and installing without signed verification (note: to install the unsigned software, signature verification must first be disabled in the Web UI). To upgrade using the MTR-xx Web UI to MTR 4.1.0, you must be running at least MTR-xx 3.4.5 firmware. To upgrade from a legacy firmware, upgrading to MTR-xx 3.4.5 is necessary before upgrading to MTR-xx 4.1.0 You can download the new SW 4.1.0 binary from the product page: https://www.multitech.com/brands/multiconnect-rcell-100-series I. Click on the corresponding model (i.e. MTR-LAT1-B07-US) II. Then DOWNLOADS III. Then mtr-lte_v4.1.0_upgrade-signed.zip Note: even though file description reads lte, SW 4.1.0 is compatible with all models listed on page 1 of this document IV. Follow instructions below: 1) Save the firmware binary file to a directory on your workstation 2) Using the workstation browser, enter the IP address of the MTR (i.e. http://192.168.2.1) 3) For existing users: Login with your current credentials 3.1) New users Login using admin and create a unique password following instructions on the page. The user password must be at least 8 characters and contain three or more different type of characters: PCN 011619-00 Page 4 of 5

uppercase and lower case alphabetical letters, numbers and special characters such as @#$!. Password must not contain any common dictionary word IMPORTANT Upon power up for the first time or after you reset the device and accept factory default settings, the device goes into commissioning mode. The system requires you to set up an admin user. Enter your desired username and click OK. Enter a desired password for the admin user and click OK. This password must be of sufficient length and strength (with a mix of character classes such as letters, numbers, and symbols). Enter the password again to confirm and click OK. 4) Click "Administration" tab on left side menu bar 5) Click "Save/Restore 6) Click "Save Configuration to File" to save a backup file. A popup window will appear 7) Select "Save File" and click "OK" button 8) Now click "Firmware Upgrade" tab on left side menu 9) Click the Browse button and select the latest version of BIN file, rcell-mtrv1-upgrade_4.1.0bin 10) Click the "Start Upgrade" button. Confirm the 5 minute "OK" button. 11) Wait for the unit to upgrade and reboot automatically. 12) Again, browse to the IP address and verify the Main or Home Page indicates the correct version, 4.1.0 VIII. About MultiConnect rcell 100 Series Cellular Routers The MultiConnect rcell is a compact, intelligent and fully-featured communications platform that provides cellular capabilities for fixed and mobile applications. It is intended for use in settings such as: Remotely monitoring solar micro-inverters, tanks, pipelines, meters, pumps and valves in any energy, utility, or industrial application The MultiConnect rcell 100 Series family has also been successfully deployed by professionals in emergency services, vending, remote patient monitoring, renewable energy systems, process automation and mobile applications (truck, rail, and boat). The MultiConnect rcell 100 Series (MTR-xx) of cellular routers are a part of the MultiTech comprehensive portfolio of cellular connectivity products optimized for M2M (machine-to-machine). The MultiConnect rcell comes with no cost access to DeviceHQ which is MultiTech s cloud platform service to monitor and manage deployed MultiConnect rcell cellular routers in the field. IX. Additional Information If you have any questions regarding this Product Change Notification, please contact your MultiTech sales representative: World Headquarters U.S. EMEA Headquarters UK: +(763) 785-3500 sales@multitech.com +(44) 118 959 7774 sales@multitech.co.uk MultiConnect, MultiTech and the MultiTech logo are registered trademarks of Multi-Tech Systems, Inc. All other trademarks or registered trademarks are the property of their respective owners. Copyright 2019 by Multi-Tech Systems, Inc. All rights reserved. PCN 011619-00 Page 5 of 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback