Home » Lantronix Manuals » Electronics Accessories » Lantronix G520 » Manual Viewer

Lantronix G520 G520 User Guide - Page 200

: SSL, Credentials, SSL

Add to My Manuals
Save this manual to your list of manuals

Page 200 highlights

16: SSL Secure Sockets Layer (SSL) is a protocol that creates an encrypted connection between devices. It also provides authentication and message integrity services. SSL is used widely for secure communication to a Web server, and for wireless authentication. SSL certificates identify the G520 series gateway to peers and are used with some methods of wireless authentication. Provide a name at upload time to identify certificates on the G520 series gateway. You can upload Certificate and Private key combinations, obtained from an external Certificate Authority (CA), to the G520 series gateway. The G520 series gateway can also generate selfsigned certificates with associated private keys. Credentials The G520 series gateway can generate self-signed certificates and their associated keys for both RSA and DSA certificate formats. When you generate certificates, assign them a credential name to help identify them on the G520 series gateway. Once you create your credentials, then configure them with the desired certificates. To configure a new credential: 1. Go to SSL > Credentials. 2. Type the name for your credential in the Credential Name field. 3. Enter the fields under Upload Certificate (see Table 16-1) or Create New Self-Signed Certificate (see Table 16-2). 4. Click Save & Apply. The process to create a self-signed certificate can take up to 30 seconds, depending on the length of the key. The newly created credential is displayed at the top of the SSL Credentials page. To view a credential: 1. Go to SSL > Credentials. 2. Under Current Credentials, click the name of the credential to view its details. To delete a credential: 1. Go to SSL > Credentials. 2. Under Current Credentials, click the Delete button next to the name of the credential. Field SSL Certificate Table 16-1 SSL Credentials - Upload Certificate Description Click the Select file... button to browse to the SSL certificate to be uploaded. RSA or DSA certificates are allowed. G520 Series IoT Cellular Gateway User Guide 200

Section	Page
G520 Series IoT Cellular Gateway User Guide	1
Contents	4
List of Figures	11
List of Tables	12
1: About this Guide	16
Purpose	16
Summary of Chapters	16
Additional Documentation	18
2: Introduction	19
Key Features	19
Hardware Variants	19
InfiniShield™ Security	19
Software Features	19
Lantronix Software Services	20
Applications	20
SKU Information	21
Hardware Components	23
General Specification	23
Model-Dependent Features	24
Front Panel	26
Back Panel	27
LEDs	27
Top Panel LEDs	27
Cellular	28
SIM Slots	29
Antenna Connections	29
Certified Antennas	30
Antenna Selection	30
Ethernet Ports (LAN/WAN)	30
RS-232 Serial Port	32
RS-485 Serial Port	32
RS-485 Wiring diagram	33
Input / Output Connections	33
Power Input	34
Power Consumption	34
Reset Button	34
Power over Ethernet (PSE-PoE+)	35
Product Label	35
3: Installation	36
Package Contents	36
User Supplied Items	36
Statement	36
Accessories	37
Add-ons	38
Preparing to Install	38
Enabling DHCP Client on Your Computer	38
SIM Card Management	39
SIM Card Activation	39
SIM Management Portal	39
Second SIM Card	39
Lantronix Connectivity Services Links	39
Physical Installation	40
Insert the SIM Card	40
Connect the Antennas	41
Connect the AC Power	42
Connect the Gateway to a Computer	42
Connect using Wi-Fi	42
Connect using Ethernet	43
Default Configuration	43
Web Admin Page	43
Wireless Access Point SSID	43
Default Interface Configuration	43
4: Web Administration Interface	45
Logging In	46
Change Passwords After Initial Login	47
Logging Out	48
5: Using Lantronix Provisioning Manager	49
Installing Lantronix Provisioning Manager	49
Accessing the G520 Using Lantronix Provisioning Manager	49
6: Quick Setup	50
Quick Setup	50
7: Status	53
Overview	53
System Status	55
Cellular Status	56
Memory Status	57
Network Status	57
Active DHCP and DHCPv6 Leases Status	58
Wireless Status	58
Digital Input/Output Status	59
Dynamic DNS Status	59
MWAN Interfaces Status	59
Firewall Status	59
Routes	60
System Log	62
Kernel Log	62
Processes	62
Realtime Graphs	63
Load	63
Traffic	64
Wireless	64
Connection	65
Load Balancing	67
Interface	67
Detail	67
Diagnostics	67
Troubleshooting	67
8: System	68
System	68
General Settings	68
Logging	69
Time Synchronization	70
Language and Style	71
Administration	71
Router Password	71
SSH Access	71
SSH-Keys	72
Software	72
Configure OPKG	73
Startup	74
Initscripts	74
Local Startup	75
Scheduled Tasks	75
LED Configuration	76
Backup / Flash Firmware	78
Actions	78
Configuration	79
Custom Commands	79
Write Custom Shell Command	79
Run Custom Shell Command	80
Reboot	80
Schedule a Reboot	80
9: VPN	81
IPsec (Internet Protocol Security)	81
OpenVPN	85
OpenVPN Instances	85
Template-based Configuration	87
Predefined templates	87
Edit the template-based configuration	87
OpenVPN Configuration File	87
Edit the OVPN Configuration File	87
10: Services	88
Industrial Protocols	88
Protocol Conversion	88
Data Send Applications	88
Agents	89
DLMS Client	89
DOTA	91
Lantronix Server	91
Custom Server	91
Dynamic DNS	93
EtherCAT	95
Events	95
External Filesystems	97
GPS	98
Description of NMEA Messages	99
GPGGA Format	100
GPRMC Format	101
GPGSV Format	102
GPGSA Format	103
GPVTG Format	104
IEC 101 to 104	105
Keepalived	107
Keepalived Configuration	107
Last Gasp	110
Logs Information	111
Modbus Master	111
Serial Transmission Mode	111
Ethernet Transmission Mode	111
Modbus Master Configuration	112
Data Window	113
Modbus Download	113
Modbus RTU to DNP3	113
Configure DNP3 Outstation for Modbus RTU to DNP3 conversion	113
Modbus Master Configuration File for DNP3 Outstation	114
Sample CSV with DNP3 Parameters	114
Page Selector	115
Reporting Agent	115
Sending Data	117
Data Format	117
Service Actions	118
SMS	119
SMS Configuration	119
SMS AT Commands	119
Ethernet SMS	122
Live Message	123
SNMPD	124
SNMP Architecture	124
SNMP Versions	124
SNMP Configuration	125
Agent Behavior	125
View-based Access Control Model (VACM)	125
SNMPv3 with User-based Security Model (USM)	126
System Information and Monitoring	126
Active Monitoring	126
Configure SNMPv1 or SNMPv2	127
Configure SNMPv3 with USM	127
SNMPTRAPD	134
SNMP-TRAP Configuration	134
uHTTPd	137
Web Server Configuration	137
Self-Signed SSL Certificate Parameters	139
11: Network	140
Interfaces	140
Interfaces Overview	140
Interface Status	142
Interface Protocols	143
Protocol Descriptions	144
Static Address	144
DHCP Client	146
DHCPv6 Client	148
PPPoE	149
QMI Cellular	150
CELLULAR Interface	152
LAN Interface	153
DHCP Server	153
WAN and WAN6 Interface	155
WWAN and WWAN6 Interface	157
Add Virtual Interface	158
Relay Bridge	160
Wireless	161
Wireless Network Configuration	162
DHCP and DNS	165
General Settings	165
Resolv and Host Files	166
TFTP Settings	166
Advanced Settings	167
Static Leases	168
Hostnames	169
Static Routes	169
Static IPv4 Routes	169
Static IPv6 Routes	170
Diagnostics	172
Firewall	173
General Settings	173
Firewall Global Settings	173
Firewall Zones	174
Port Forwards	175
Add Port Forwarding Rule	176
Traffic Rules	177
Add Traffic Rule	178
Custom Rules	179
QoS	180
Load Balancing	182
How it works	182
Globals	182
Interfaces	183
Members	185
Policies	186
Rules	188
Notification	189
12: Bluetooth	190
Bluetooth Settings	190
Configure Bluetooth settings	190
Scan for and Pair a Device	190
Bluetooth SPP	191
Configure Bluetooth SPP Connection	192
Configure Tunnel SPP Slave	192
Configure Tunnel SPP Master	192
13: ConsoleFlow	194
Client	194
ConsoleFlow Line	195
14: Discovery	197
Query Port	197
15: Serial	198
Serial Line Statistics	198
Serial Line Configuration	198
16: SSL	200
Credentials	200
Trusted Authorities	201
17: Tunnel	203
Tunnel Statistics	203
Tunnel Modbus RTU to Modbus TCP	203
Tunnel Accept	204
Tunnel Connect	207
Hosts	208
Connecting Multiple Hosts	210
Tunnel Disconnect	210
A: Compliance Information	211
FCC Statement	212
Federal Communication Commission Interference Statement	212
ISED Statement	213
EU Declaration of Conformity	214
EU Statements	215
B: Power Cable Schematic	221
Power Cable Schematic	221
C: List of Acronyms and Protocols	222

Match case Limit results 1 per page

G520 Series IoT Cellular Gateway User Guide

200

16: SSL

Secure Sockets Layer (SSL) is a protocol that creates an encrypted connection between devices.

It also provides authentication and message integrity services. SSL is used widely for secure

communication to a Web server, and for wireless authentication.

SSL certificates identify the G520 series gateway to peers and are used with some methods of

wireless authentication. Provide a name at upload time to identify certificates on the G520 series

gateway.

You can upload Certificate and Private key combinations, obtained from an external Certificate

Authority (CA), to the G520 series gateway. The G520 series gateway can also generate self-

signed certificates with associated private keys.

Credentials

The G520 series gateway can generate self-signed certificates and their associated keys for both

RSA and DSA certificate formats. When you generate certificates, assign them a credential name

to help identify them on the G520 series gateway. Once you create your credentials, then

configure them with the desired certificates.

To configure a new credential:

Go to SSL > Credentials.

Type the name for your credential in the Credential Name field.

Enter the fields under Upload Certificate (see

Table 16-1

) or Create New Self-Signed

Certificate (see

Table 16-2

Click

Save & Apply

. The process to create a self-signed certificate can take up to 30 seconds,

depending on the length of the key.

The newly created credential is displayed at the top of the SSL Credentials page.

To view a credential:

Go to SSL > Credentials.

Under Current Credentials, click the name of the credential to view its details.

To delete a credential:

Go to SSL > Credentials.

Under Current Credentials, click the

Delete

button next to the name of the credential.

Table 16-1

SSL Credentials - Upload Certificate

Field

Description

SSL Certificate

Click the

Select file...

button to browse to the SSL certificate to be

uploaded. RSA or DSA certificates are allowed.