Template:Networking rut manual administration: Difference between revisions

From Teltonika Networks Wiki
Line 385: Line 385:
==Diagnostics==
==Diagnostics==


The '''Diagnostics''' page is used to diagnose whether you have an internet connection, trace routes of specified addresses and to perform NSlookups by sending ICMP ping packets to a specified host or IP address.
The <b>Diagnostics</b> section is used to execute simple network diagnostic tests, including <i>ping</i>, <i>traceroute</i> and <i>nslookup</i>.


[[File:{{{file_diagnostics}}}]]


[[Image:System administration diagnostics.PNG]]
Enter an address in the <i>Host</i> field and execute one of the following actions:
 
<ul>
    <li><b>Ping</b> - sends ICMP requests to the specified address.</li>
    <li><b>Traceroute</b> - displays the path that packets have to take in order to reach the specified address.</li>
    <li><b>Nslookup</b> - obtains domain name address and IP address mapping information.</li>
</ul>


==MAC Clone==
==MAC Clone==

Revision as of 08:58, 22 July 2019

Summary

This page is an overview of the Administration section of {{{name}}} routers.

The information in this page is updated in accordance with the [[Media:{{{fw_version}}}_WEBUI.bin|{{{fw_version}}}]] firmware version.

General

The General section is used to set up some of the router's managerial parameters, such as password, name, language, etc. For more information on the General section, refer to figure and table below.

[[File:{{{file_general}}}]]

Field Value Description
Router name string; default: RUT955 The router's model name.
Host name string; default: Teltonika-RUT955.com The router's hostname. This can be used instead of the IP address to reach the router's WebUI from the local network.
Current password string; default: none The router's current password.
New password | Confirm new password string; default: none A new password for the router. The password must be comprised of 8-32 characters, including at least one upper case letter, one lower case letter and one digit.
Language English | Deutsch | Français | Turkish; default: English Selects the router's WebUI language.
IPv6 Support yes | no; default: no Turns IPv6 support on or off.
Show mobile info at login page yes | no; default: no Shows mobile data connection information (signal strength, state, service mode) at login page.
Show WAN IP at login page yes | no; default: no Shows the router's WAN IP address at login page.
LEDs Indication yes | no; default: yes Turns the router's LED indications on or off.
Reset button configuration integer [5..60]; default: 5 Specifies the minimum amount of time (in seconds) that the reset button has to be pressed and held down in order to initiate a factory reset.
Restore to default -(interactive button) Restores the router to it's default state (factory settings).

Troubleshoot

[[File:{{{file_troubleshoot}}}]]

Field Value Description
System log level Debug | Info | Notice | Warning | Error | Critical | Alert | Emergency; default: debug Specifies the information output level of the system log.
  • Debug - contains basic information that is diagnostically helpful to most people (i.e., not just engineers).
  • Info - general useful information (e.g., configuration changes, starts and stops of services, etc.)
  • Notice - conditions that are not error conditions, but that may require special handling.
  • Warning - anything that can potentially cause application oddities, but for which the system is automatically recovering from (e.g., retrying an operation, missing secondary data, etc.)
  • Error - errors that are fatal to the operation, but not the service or application (can't open a required file, missing data, etc.) Solving these types of errors will usually require user intervention.
  • Critical - critical conditions, device errors.
  • Alert - a condition that must be corrected immediately.
  • Emergency - a panic condition, i.e., system is no longer usable.
Save log in RAM memory | Flash memory; default: RAM memory Specifies which type of memory to use for storing system logs.
Include GSMD information yes | no; default: yes When checked, includes the router's GSMD information in the log file.
Include PPPD information yes | no; default: no When checked, includes the router's PPPD information in the log file.
Include chat script information yes | no; default: yes When checked, includes the router's chat script information in log file.
Include network topology information yes | no; default: no When checked, includes the router's network topology information in the log file.
System log - (interactive button) Displays the contents of the router's system log file. The system log contains records of various system related events, such as starts/stops of various services, errors, reboots, etc.
Kernel log - (interactive button) Displays the contents of the router's kernel log file. The kernel log contains records of various events related to the processes of the operating system (OS).
Troubleshoot file - (interactive button) Downloads the router's Troubleshoot file. It contains the router's configuration information, logs and some other files. When requesting support, it is recommended to always provide the router's Troubleshoot file to Teltonika engineers for analysis.
TCP dump file - (interactive button) Downloads the router's TCP dump file. TCP dump is a program used to capture packets moving through network interfaces. By default, the router does not store TCP dump information. You must enable TCP dump and save the changes before you can download the file.
Enable TCP dump* yes | no; default: no Turns TCP dump packets capture on or off.

* More on TCP dump in the next section.

TCP dump


TCP dump is a program used to capture packets moving through network interfaces. By default, the router does not store TCP dump information. You must enable TCP dump and save the changes before you can download the file.

If you enable TCP dump, you will notice additional configuration fields appear. Refer to the figure and table below for realted information.

[[File:{{{file_tcpdump}}}]]

Field Value Description
Enable TCP dump yes | no; default: no Turns TCP dump packet capture on or off.
Select interface network itnerface; default: any Only captures packets that move through the specified network interface.
Select protocol filter all | icmp | tcp | udp | arp; default: all Only captures packets that match the specified protocol.
Select packets direction IN/OUT | Incoming | Outgoing; default: IN/OUT Only captures packets coming from the specified direction.
Host ip | host; default: none Only captures packets related to the specified host.
Port integer [0..65335]; default: none Only captures packets related to the specified communication port.
Select storage Internal storage; default: Internal storage Specifies where the TCP dump file will be stored.

Backup

The Backup page is used to download or upload configuration backup files to the router. Backup files can be uploaded only from identical devices with identical or older (no older than RUT9XX_R_00.03.726) firmware. Once a backup file is uploaded to a router, that router will have identical configuration as the router from which the backup file originated (was downloaded from).

[[File:{{{file_backup}}}]]

  • Backup Configuration - generates and downloads the router's backup file based on the current configuration.
  • Restore Configuration - uploads a configuration backup file to the router. This can be done in two ways:
    • Upgrade from file - uploads a configuration file from your computer.
    • Upgrade from FOTA - uploads a configuration file assigned to the device in FOTA.

Important: backup files can be uploaded only when taken from a device with an identical Product code (can be checked in Status → [[{{{name}}} Device|Device]]) and identical firmware.

Access Control

The Access Control page is used to manage remote and local access to the router.

Important: turning on remote access leaves the router vulnerable to external attackers. Make sure you use a strong password.

General


The General section is used to amange SSH, HTTP(S) and CLI access to the router.

SSH


[[File:{{{file_access_ssh}}}]]

Field Value Description
Enable SSH access yes | no; default: yes Turns SSH access from the local network (LAN) on or off.
Remote SSH access yes | no; default: no Turns SSH access from remote networks (WAN) on or off.
Port integer [0..65535]; default: 22 Selects which port to use for SSH access.


WebUI


[[File:{{{file_access_webui}}}]]

Field Value Description
Enable HTTP access yes | no; default: yes Turns HTTP access from the local network (LAN) to the router's WebUI on or off.
Redirect to HTTPS yes | no; default: no Redirects connection attempts from HTTP to HTTPS.
Enable remote HTTP access yes | no; default: no Turns HTTP access from remote networks (WAN) to the router's WebUI on or off.
Port integer [0..65535]; default: 80 Selects which port to use for HTTP access.
Enable remote HTTPS access yes | no; default: no Turns HTTPS access from remote networks (WAN) to the router's WebUI on or off.
Port integer [0..65535]; default: 443 Selects which port to use for HTTPS access.
Enable JSON RPC yes | no; default: yes Turns JSON-RPC access via ubus on or off.
RFC1918 Filter yes | no; default: yes Turns Address Allocation for Private Internets on or off.


CLI


[[File:{{{file_access_cli}}}]]

Field Value Description
Enable CLI yes | no; default: yes Turns CLI access from the local network (LAN) on or off.
Enable remote CLI yes | no; default: no Turns CLI access from remote networks (WAN) on or off.
Port range range of integers [0..65534]-[1..65535]; default: 4200-4220 Selects which ports to use for CLI access.
Shell limit integer [1..10]; default: 5 Maximum number of active CLI connections.

Safety


The Safety section is used to manage the List Of Blocked Addresses. After a user attempts to login to this devices via SSH/HTTP, he will have a limited amount of retries in case of unsuccessful login attempts. This limit is called Fail count and is set in this page. After the user exhausts the maximum number of attempts, his IP address will be blocked from making more attempts and added to the List Of Blocked Addresses.

Block Unwanted Access


[[File:{{{file_access_unwanted}}}]]

Field Value Description
Enable yes | no; default: yes Turns secure SSH/HTTP access on or off. If this is checked, devices logging in have a limited amount of tries specified in the Fail count field to log in to the router via SSH/HTTP.
Clean after reboot yes | no; default: no If this field is checked, addresses are removed from the List Of Blocked Addresses after every router reboot.
Fail count integer; default: 5 Maximum login fail count after which the device's address is blocked and addedd to the List Of Blocked Addresses.


List Of Blocked Addresses


[[File:{{{file_access_list}}}]]

The screenshot above is of a list that contains one blocked address. If you or someone you know gets blocked accidentally, you can unblock users from this section by deleting their IP address from the list.

Note: the list gets cleared after a factory reset.

Diagnostics

The Diagnostics section is used to execute simple network diagnostic tests, including ping, traceroute and nslookup.

[[File:{{{file_diagnostics}}}]]

Enter an address in the Host field and execute one of the following actions:

  • Ping - sends ICMP requests to the specified address.
  • Traceroute - displays the path that packets have to take in order to reach the specified address.
  • Nslookup - obtains domain name address and IP address mapping information.

MAC Clone

Overview

The Administration->Overview section is used to configure which widgets should be shown in the Overview page.

RMS

Template:Rut manual system administration rms

Root CA

Template:Rut manual system administration root ca