Title of your website

myBOX USER MANUAL
Version 7

1.Introduction #

SAFETY PRECAUTIONS

1. PLEASE CHANGE THE DEFAULT PASSWORD BEFORE USING THE DEVICE IN A PRODUCTION ENVIRONMENT AS NOT DOING SO MAY RESULT IN A SYSTEM INTRUSION AND ANY PERSON COULD EASILY GAIN A FULL ACCESS TO THE CONTROLLED TECHNOLOGY!!!

2. USE INTEGRATED FIREWALL TO BLOCK ALL SERVICES YOU DO NOT NEED TO ACCESS.


 

Purpose of This Manual

This manual is a reference guide for myBOX device whose purpose is to:

  • explain how to install and wire your device
  • give you an overview of the device system
  • explain how to set up all necessary settings of the device for a correct operation

 

Who Should Use This Manual

Use this manual if you are responsible for designing, installing, programming or troubleshooting control systems using this device. You should have a basic understanding of electrical circuitry and familiarity with the relay logic.

ImportantIf you do not have this necessary knowledge, please obtain an appropriate training before using the product!

 

Getting Help

For technical support, please visit the RESOURCES section on our website, where you can find most of the necessary information – product information, video tutorials, other manuals.

If you do not find information you need, go to https://www.myscada.org/submit-ticket and submit a ticket. Our qualified personnel is ready to help you. For quick and effective communication, please send detailed information about the project.

For project creation, download a project creation tool called myDESIGNER here: https://www.myscada.org/download.

It is always possible to view this manual by clicking on ? icon, which is located in the upper right corner of the device’s user interface (described later in the manual). It is strongly recommended to have this manual printed out and kept within reach of maintenance staff personnel.

 

Warranty

All products manufactured by mySCADA Technologies s. r. o.™ are under warranty, regarding defective materials for a period of one year from the date of delivery to the original purchaser.

 

 

 


* The examples and diagrams in this manual are included solely for illustrative purposes. In no event will mySCADA technologies. be responsible or liable for indirect or consequential damages resulting from the use or application of this equipment. Reproduction of the contents of this manual, in whole or in part, without written permission of  mySCADA Technologies, is prohibited. mySCADA Technologies reserves the right to change this manual at any time without notification.

Copyright – © mySCADA Technologies s.r.o.

Trademark – the names used for identification are all registered trademarks of their respective companies.

2.Hardware Overview #

2.1.Hardware features #

The hardware features of the device are shown in the pictures below:

 

2.1.1

 

Feature

Description

1

Port 1 (optional Ethernet port or RS-232/RS-485 ports)

2

Port 2 (optional Ethernet port or RS-232/RS-485 ports)

3

Micro SD card slot

4

SIM card compartment

5

Ethernet port

6

Reset / Switch-off pin hole

7

Status LED indicators

8

Power supply socket

9

Wi-Fi antenna connector SMA (only for Wi-Fi version)

10

GPS antenna connector SMA (only for 3G version)

11

GSM antenna connector SMA (only for 3G version)

 

2.1.2

Feature

Description

12

DIN Rail holder

 

2.2.Technical specifications #

Parameters

 

Storage

1 (4) GB Flash NAND Memory

Optional SSD Drive

SD Card

Yes

Ethernet 10/100 Mbit

Up to 3 ports

RS-232

Up to 4 ports

RS-485

Up to 2 ports

HW Watchdog

Integrated

Power

12-48 VDC

Size

127 x 33 x 128 mm (W x H x D)

Temperature range

0° to 70° C

-40° to 85° C (IT
Version)

-20° to 70° C (IT with 3G
modem)

Certification

CE, FCC, RoHS

Ecology

Highly recyclable, RoHS, Ultra low power consumption

Networking

 

DHCP

Client and Server

Interface

Routing and bridging supported

Network Address Translation (NAT)

Supported

Firewall

Integrated

Dynamic DNS

Supported

Security

 

VPN PPTP

Client and Server

Cisco VPN

Direct import of pcf files

IPSEC

Full support

WiFi module

 

Type

802.11 b/g

Access Point Mode

Yes

No. of simultaneously connected clients

Max 7

Frequency

2.4 GHz WLAN

HW Encryption

WEP, TKIP, and AES

Speed

72.2 Mbps for 20 MHz channel

150 Mbps for 40 MHz channel

Frequency range

USA: 2.400 ~ 2.483GHz

Europe: 2.400 ~ 2.483GHz

Japan: 2.400 ~ 2.497GHz

China: 2.400 ~ 2.483GHz

Certifications

CE, FCC, RoHS

3G module

 

Type

Quad-band HSPA+/HSUPA/HSDPA/WCDMA
2100/1900/900/850 (MHz)

Download Speed

21Mbps

Upload Speed

5.76Mbps

Certifications

CE, FCC, RoHS, IC, GCF, PTCRB, CCC

GPS

 

Type

Standalone GPS, A-GPS, GPS Extra

Data format

Server-Side Script readable – JSON

PLC protocols

 

Siemens S7

S7-1200,
S7-300, S7-400, …

EtherNet/IP

ControlLogix, CompactLogix, Micrologix 1200, Micrologix 1400, Micrologix
1500, SLC 500, PLC 5, Omron PLCs, …

Modbus TCP

Wago, Schneider, Micrologix, ABB, RTUs, …

Modbus Serial (can be used on any port RS-232 and RS-485)

IPCDAS, ADAM, RTUs, …

Melsec Binary

Melsec-Q, E71 controller type, 3E packets

Toyopuc

Full support with hierarchy

OPC UA

OPC UA client conforming to IEC 62541. Support of plain, crypted and user login.

2.3.Dimensions #

 

2.3.1

 

3.Installing your device #

Compliance to EU Directives

This product has the CE mark and is approved for installation within the European Union and EEA regions. It has been designed and tested to meet the following directives:

EMC Directive

This product is tested to meet Council Directive 89/336/EEC Electromagnetic Compatibility (EMC) and the following standards, in whole or in part, documented in a technical construction file:

Test Standards

  • EN 61000-4-2 ed.2:2009
  • EN 61000-4-3 ed3:2006 + A1 + A2
  • EN 61000-4-4 ed2:2005 + A1
  • EN 61000-4-5 ed.2:2007
  • EN 61000-4-6 ed.3:2009
  • EN 55022 ed2:2007 + A1 art. 6, 10

Related Standards

  • EN61326-1:2006
EN 61000-6-1 ed2:2007
  • EN 61000-6-2 ed3:2006
  • EN 61000-6-3 ed2:2007
  • EN 61000-6-4 ed2:2007
  • EN 55024 ed.2:2011

Installation Considerations

Most applications require installation in an industrial enclosure to reduce the effects of electrical interference and environmental exposure. Locate your device as far as possible from any power lines, load lines, and other sources of electrical noise, such as hard-contact switches, relays, and AC motor drives.

This product is intended for the use in an industrial environment.

Safety Considerations

Safety considerations are an important element of proper system installation. Actively thinking about the safety of yourself and others, as well as the condition of your equipment, is of primary importance.

Preventing Excessive Heat

For most applications, normal convective cooling keeps the device within the specified operating range. Ensure that the specified temperature range is maintained. Proper spacing of components within an enclosure is usually sufficient for heat dissipation. Please take into consideration that in some applications other equipment inside or outside of the enclosure may produce a substantial heat amount. In this case, place blower fans inside the enclosure to assist in air circulation and reduce “hot spots” near the device. Additional cooling provisions might be necessary when high ambient temperatures are encountered.

Do not bring in unfiltered outside air. Place the device in an enclosure to protect it from a corrosive atmosphere. Harmful contaminants or dirt could cause improper operation or damage to the components. In extreme cases, you may need to use air conditioning for protecting the device against the heat build-up within the enclosure.

3.1.Mounting the device #

This device is suitable for use in an industrial environment when installed in accordance to these instructions. It can be mounted vertically or horizontally. You should provide min. 50 mm (approx. 2 inches) of space on all sides of the device for adequate ventilation. Keep in mind to maintain spacing from enclosing walls, wire ways, adjacent equipment, etc.

DIN Rail Mounting

The device can be mounted to EN50022-35×7.5 or EN50022-35×15 DIN rails. There is no need for using any screwdrivers or tools. Simply hook the top slot over the DIN rail and then, while pressing the device down against the top of the rail, snap the bottom of the device into position. To remove your controller from the DIN rail press the bottom jutting part of the holder (you may need a screw driver to do so) and release the device from the DIN rail by carefully pulling it up and towards you.

 

3.1.1

 

3.2.Power wiring and device start-up #

Before you install and wire any device, make sure to disconnect the electric power from the system! Strip the ends of the cable so it could be slipped into the supplied green connector (as shown on the picture bellow). Do not forget to check the correct polarity! Tighten the terminal screw, using a small flat-blade screwdriver.

 

Please keep in mind the power input voltage must always be within the range of 12~48V DC!

 

3.2.1

 

When the wires are attached plug in the green connector to the green socket, located in the bottom right corner of the front panel and plug it into the electrical socket. The device automatically starts up and performs the initialization process, indicated by the LED status indicators.

 

3.2.2

 

3.3.Getting online help from mySCADA #

Should you need help with setting up your myBOX, you are welcome to use our online helpdesk. For technical support, please, submit ticket here.

Prior to the set online help, please make sure your box is connected to the Internet. Press and hold the RESET button until SYSTEM led starts blinking. Now, the box should be securely connected to our mySCADA helpdesk through a secure VPN service and mySCADA support team can access your device and help you online.

3.4.Reset to default settings #

If neccessary, the device can be reset to the factory settings by the following procedure:

  1. Power the unit on (unplug and plug the power cord)
  2. Wait for the SYSTEM led to light on
  3. Press and hold the RESET button (use a paper clip to do so)
  4. When the USER led lights on, release the RESET button
  5. Now the system restores into default, please wait approx. 5 minutes for reboot

 

DO NOT INTERRUPT THIS PROCEDURE AS THE UNIT COULD BECOME BLOCKED!

!!! Attention: Once the device is reset, all saved data stored in the internal memory will be erased !!!

 

4.Communication connections #

This device provides the following communication channels:

  • Ethernet port, RJ-45
  • Additional Ethernet port, RJ-45 (2x)
  • Optional set of 2x RS-232 and 1x RS-485 ports

This device supports the following industrial communication protocols:

  • EtherNet/IP
  • Modbus TCP
  • Siemens S7 (S7-300/400/1200 syntax)
  • Melsec Q3
  • Toyopuc
  • OPC UA – OPC Unified Architecture driver
  • KNX

 

A typical network topology is pictured below:

 

4.0.1

 

Once the device is connected to a local area network, it can be easily accessed and configured via a web browser installed on your computer. After entering a valid IP address in your web browser you will see the configuration interface of the device. The default IP address is set to:

192.168.13.20

You need to enter the correct username and password to access the advanced system settings. Default login details are:

user name: admin

password: admin

 

Do not forget to change the default password after you log in to avoid any unauthorized access to your device!!

All components and settings of the configuration interface are described later in this manual.

4.1.Connecting to networks via ethernet interface #

The Ethernet communication channel allows your device to be connected to a local area network for various devices, providing 10 Mbps/100Mbps transfer rate. Shielded 6E category twisted-pair 10/100Base-T cables with RJ-45 connectors are only supported. The maximum cable length between the Ethernet port of the device and the 10/100Base-T port on an Ethernet router/switch (without repeaters or fiber) should be 100 m (323 ft). However, in industrial application the cable length should be kept to a minimum.

The connections are made directly from the device to an Ethernet router or switch via 8-wire twisted-pair straight-through cables. The following Ethernet settings are supported (mode selection is automatic):

  • 10 Mbps half duplex or full duplex
  • 100 Mbps half duplex or full duplex

The Ethernet cabling with straight-through method is recommended as below.

PLEASE MAKE SURE YOU DO NOT MAKE AN INCORRECT CONNECTION!

Pin

Pin name

Cable color

1

Tx+ Transmit Data

Orange/White

2

Tx– Transmit Data

Orange

3

Rx+ Receive Data

Green/White

4

No used by 10/100Base-T

Blue

5

No used by 10/100Base-T

Blue/White

6

Rx- Receive Data

Green

7

No used by 10/100Base-T

Brown/White

8

No used by 10/100Base-T

Brown

 

4.1.1

 

Useful Information on Ethernet Wiring:

The most common wiring for RJ-45 cables is the “straight-through” cable, which means that the pin 1 of the plug on one end is connected to the pin 1 of the plug on the other end. The straight through RJ-45 cable is commonly used for connecting network cards with hubs on 10Base-T and 100Base-Tx networks. On network cards, the pair 1-2 serves as a transmitter, and the pair 3-6 as a receiver. The other two pairs are not used. On hubs the pair 1-2 is the receiver and 3-6 the transmitter. It may be best to wire your cables with the same color sequence. In this cable layout, all pins are wired one-to-one to the other side. The pins on the RJ-45 connector are assigned in pairs and every pair carries one differential signal. Each line pair has to be twisted.

In a small network with only two computers the use of the “crossover” RJ-45 cable is necessary, where the transmitting and receiving lines on both RJ-45 connectors are cross connected. The color-coding for the crossover RJ-45 cable has been defined in the EIA/TIA 568A standard. In the crossover cable layout you should remember that one end is normal and the other end has the crossover configuration.

 

4.1.2

 

 

4.1.3

 

4.2.Connecting to networks via RS-232/485 interface #

Note that this chapter is applicable only if the optional “Serial ports” kit has been purchased with the device.

The kit comprises of three serial ports, described in the table below:

Port name

Port type

Connection

COM1

RS-232

EIA/TIA-561

COM2

RS-232

Proprietary

RS-485

RS-485

Proprietary

 

All these three serial ports are located in the “Port 1” of the device (physically RJ-45 Ethernet port). The connection scheme of the “Port 1” is as follows:

RJ-45 Pin

Pin name

Description

1

GND

Signal Ground

2

RxD

COM 2 Receive pin

3

TxD

COM 2 Transmit pin

4

GND

Signal Ground

5

RxD

COM 1 Receive pin

6

TxD

COM 1 Transmit pin

7

A

RS-485 A also denoted as (-)

8

B

RS-485 B also denoted as (+)

 

4.3.Using the RS-232 interface #

COM1 is routed according to EIA/TIA-561 Pin Layout (serial interface via 8-pin connector) while using only Rx,Tx and Ground pins. Every serial device connected to the port COM1 must have an interface cable conforming to EIA/TIA-561 standard. On one end this cable must have a male RJ-45 plug and on the other end it must have a connector fitting into your serial device. The diagram shows the pin connections for the COM1 conversion cable from RJ-45 “Port 1” into regular “CANON DB-9” connector.

 

4.3.1

 

RJ-45 Pin

Pin name

CANON DB-9 Pin

Function

1

GND

Do Not Use

Do Not Use

2

RxD

Do Not Use

Do Not Use

3

TxD

Do Not Use

Do Not Use

4

GND

5

Signal Ground

5

RxD

2

Receive pin

6

TxD

3

Transmit pin

7

A

Do Not Use

Do Not Use

8

B

Do Not Use

Do Not Use

 

COM2 is using only Rx,Tx and Ground pins. Every serial device connected to port COM1 must have an interface cable that conforms to the defined pinout. On one end this cable must have a male RJ-45 plug, on the other end it must have a connector that fits into your serial device. The diagram shows the pin connections for the COM2 conversion cable RJ-45 “Port 1” to regular “CANON DB-9” connector.

 

4.3.2

 

RJ-45 Pin

Pin name

CANON DB-9 Pin

Function

1

GND

5

Signal Ground

2

RxD

2

Receive pin

3

TxD

3

Transmit pin

4

GND

Do Not Use

Do Not Use

5

RxD

Do Not Use

Do Not Use

6

TxD

Do Not Use

Do Not Use

7

A

Do Not Use

Do Not Use

8

B

Do Not Use

Do Not Use

 

4.4.Using the RS-485 interface #

The RS-485 port has tri-state capabilities and allows a single pair of wires to share, transmit and receive signals for half-duplex communications. This “two wire” configuration (note that an additional ground conductor should be used) reduces the cabling cost. RS-485 devices may be internally or externally configured for two wire systems. RS-485 port is internally configured and thus it simply provides A and B connections (sometimes labeled “-” and “+”).

 

4.4.1

 

RJ-45 Pin

Pin name

CANON DB-9 Pin

Function

1

GND

5

Signal Ground

2

RxD

Do Not Use

Do Not Use

3

TxD

Do Not Use

Do Not Use

4

GND

Do Not Use

Do Not Use

5

RxD

Do Not Use

Do Not Use

6

TxD

Do Not Use

Do Not Use

7

A

3

( – )

8

B

7

( + )

 

Alternatively A, B and GND wires can be connected directly to the PLC or device without a need of using BD-9 connector as such.

 

4.4.2

 

4.5.Connecting to networks via wireless 3G interface #

Please note this chapter is applicable only for theh3G device versions, equipped with a wireless modem.

Connecting your device via a mobile network virtually allows for an access from anywhere in the world. This can be done on condition that firstly, the device is installed in an area with a mobile network access. Secondly, the device has contains a SIM card with an active mobile data plan (contact your local mobile network provider for more information).

The built-in wireless modem supports the following technology for mobile networks:

  • GSM – Global System for Mobile Communications
  • GPRS – General Packet Radio Service
  • EDGE – Enhanced Data rates for GSM Evolution
  • UMTS – Universal Mobile Telecommunications System, aka 3G
  • HSDPA / HSUPA – High-Speed Downlink/Uplink Packet Access, aka 3G+

LTE – a 4G mobile communications standard

please make sure the power supply to the device is completely disconnected Before handling the SIM card

The SIM card can be inserted into the front slot.

 

4.5.1

 

It is recommended that you use the supplied aerial/antenna, however thank to the standard SMA connector you may use any other GSM antenna available on the market.

As soon as the device is powered on, the internal wireless modem starts to automatically login into a preset APN (Access Point Name). Therefore, the correct APN must be set for proper operation – this can be also done through the web user interface, which is described later in this manual. By default the APN is set as “internet”.

4.6.Access point mode with wireless Wi-Fi integrated card #

Please note the following information applies only to the Wi-Fi versions of myBOX, which are equipped with the wireless modem.

myBOX can be equipped with a Wi-Fi access point card. If activated, you can connect to your device via Wi-Fi networks. Please note that standard protection can be applied for security reasons and there is a maximum of 7 simultaneous connections that can be achieved.

5.Graphical user interface #

The graphical user interface (GUI) of this device is based on standard web pages, meaning that any web browser installed on your computer, such as MS Internet Explorer, Apple Safari, Firefox, Chrome, etc. can view it. To access the GUI simply enter the correct IP address of the device into the address bar in your web browser.

 

The GUI is divided into two main parts (levels):

  1. HMI – allows viewing HMI screens and logged data (data-logs and alarms)
  2. Administration – after successful login, various advanced settings can be set and adjusted, such as network, VPNs, accesses, SMTP, etc.

 

The HMI level is described in myPRO user manual, while the Administration level is described later in the chapter “Admistration level”.

6.Administration level #

My Account

In this menu you can change administrator password and other useful settings such as email and phone number.

 

6.0.1

 

System

In this section you can set up all settings related to the device system.

 

Date & Time

Enter the current date and time then click on „Change“ to save. You can also set a time zone where your country/city is located in.

 

6.0.2

 

NTP

This feature allows time synchronization with a Network Time Protocol server (e.g. time.nist.gov). Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks.

 

6.0.3

 

SMTP

Here you can set an email server to be used to send email messages (this is provided by your ISP).

 

6.0.4

 

  • SMTP Server – the IP address of the SMTP server
  • Port – choose TCP port 25 (SMTP) or port 587 (Submission), or other given by your IT department or ISP provider
  • Mail from – an email address which email messages will be sent from. Use the form user@company.domain
  • Use authentication SSL/TSL – fill in the user name and password provided you desire to use Secure Sockets Layer (SSL) or Transport Layer Security (TLS) for enhanced communication security

 

Send Info Email After Boot

In case of unit reboot this choice generates an informational email for the specified group of users.

 

6.0.5

 

  • Enable – enable the service
  • Send to group  – set the group of users to which will be informational mail send.

 

SMS

If you have unit with 3G Modem, you should set up the SMS Center settings.

 

6.0.6

 

  • SMS Center – your service provider SMS center
  • Max SMS per min – maximum number of SMS sent during a minute. This choice limits the price of SMS services to be paid.
  • Test SMS / Send to – try to send the SMS to given number to test correct functionality

 

Language

It is possible to change a language of the whole device’s GUI – choose one of available languages which are listed in the drop-down menu. You may have to reload your web browser for the change to take effect.

 

6.0.7

 

Update

If the device is connected to the Internet you can use the “Auto update from Internet” option to automatically have the software updated, provided there is a new version of firmware available.  If there is no Internet connection you can still update manually from a file.

 

6.0.8

 

Backup

This function is only available, when the microSD card is inserted in the slot. You can backup complete system, or select only partial backup.

  • Project
  • Data-logs including alarm history, user actions history, advanced trends
  • Network configuration
  • System configuration

To perform the backup, put formatted microSD card into a front microSD slot of the device. You might need to restart the device to recognize the card insertion.

 

6.0.9

 

  • Make – creates back-up
  • Format – microSD card formatting with the file system FAT32

!!!! Please note that all the data stored on the microSD card will be deleted!!!!

  • Restore/Delete – restore the back-up data, delete the back-up data from the microSD card

 

You can also perform a periodic backups based on your time selection. This way you can keep your data redundant in a case you would encounter a problem with a box.

 

6.0.10

 

Restore from Backup

This function is only available, when the microSD card is inserted in the slot. You can use restore from backup to quickly set up a new box or switch existing one in a case of failure.

To perform a restore from backup, go to the Backup menu and select from available backups.

IMPORTANT: You will have to reboot your unit to complete a backup. If your selected backup contains also network settings, IP address of restored box can change.

 

Status

This section provides useful information on the device’s system, for example:

  • Version of used firmware
  • Device’s serial number
  • Running time since the last reboot
  • SMS counter – counts the total number of sent SMS
  • Active VPN user – displays the active VPN users
  • The green/red chart shows used/available physical memory of the device.
  • Scripts status
    • Status – displays script log and restart scripts
    • Main script – displays the status of main (initial) script
    • Timers – displays the status of each periodically started script
  • NTP Server status – displays the server status set for time synchronization.

* – time synchronized,

= – time synchronization in progress

  • System LED blinking – makes the system LED light on the panel to blink. Useful for identification of the equipment in the technology.
  • Location – enter the location of the device, e.g. a name of your city or factory
    (this is used for identification in some SMS/e-mail notice)
  • Hostname – again can be used to enter a user defined text or name, e.g. the connected router
  • Download for support – generates a zipped file containing all settings which can be later sent to a support personnel, typically by emailing to support@myscada.org

 

6.0.11

 

6.0.12

 

Reboot

When it is required, you can reboot the device’s system by clicking on the menu item “Reboot”. You will be prompted to confirm the rebooting procedure.

 

6.0.13

 

Network

A network grants you the ability to share resources and information among your interconnected devices. To communicate with other computers and devices, a communication channel must be properly established.

 

NETWORK MODE

To properly operate the device, you must first set the Network Mode. Select the desired networked mode by looking at the options (which depends on the version of your device). You can read through the Mode description when you select it. If you press apply new mode is selected.

 

6.0.14

 

Individual ports setting depend on the HW configuration with following options:

Interface

Mode

LAN/WAN

Routed

LAN/WAN

Bridged

3G/LTE

WAN

3G/LTE

Backup

 

Routed port is a standalone port with its own IP address depending on the type of the port LAN, WAN. Bridged port is a port included in the bridge group ((br0). IP and other features are set for the whole bridge. 3G WAN is a mobile connection and is considered to be the only access point into WAN. 3G Backup is a back-up connection into WAN (for setting see chapter 6.4.2)

 

LAN / WAN

In this section basic network settings can be set or changed. There are settings for WAN, LAN, LAN2 and wireless modem. Depending on which version of the device is purchased, the following settings are available:

 

6.0.15

 

Setting a unique IP address for the device is essential for proper functionality in a computer network. There are two options how to assign an IP address to the device along with other network information:

  1. DHCP – the device can obtain IP address and all other network information from a DHCP (Dynamic Host Configuration Protocol) server automatically. The server also eliminates duplicate IP assignments.
  2. STATIC – manually enter an IP address and all the required network information

 

Name server

A name server is a computer server that hosts a network service for providing responses to queries against a directory service. It maps a human-recognizable identifier to a system-internal, often numeric identification or addressing component. This service is performed by the server in response to the request of the network service protocol. You can use a public name-server such as 8.8.8.8 or use the one provided by your ISP.

 

3G Modem

If is your unit equipped with the 3G modem, you should set it up before use. Modem parameters must be filled in order to operate correctly. For concrete parameters such as APN, please consult your SIM data provider.

 

6.0.16

 

  • Use authentication – enter the correct user name & password (not always required)
  • Connection type – select from 2G, 3G or Auto option (auto option will switch automatically based on the signal strength)
  • PIN – when necessary enter a valid PIN for the SIM card inserted
  • APN – Access Point Name (it is provided by your mobile operator, default name is “internet”)
  • Dial number – enter the correct number for data access (it is provided by your mobile operator)
  • Use peer DNS – allows peer DNS
  • Connect after reboot – start the service after rebooting the device
  • Watchdog – watchdog performs periodic testing of the IP address accessibility. Note that without watchdog parameter set, connection check will be disabled, so lost connection would not restart the 3G Modem.

 

Use 3G as Internet Back-up

If you use WAN port as your primary connection to the network, you can use 3G Modem as your redundant connection. If your primary connection will go down, 3G modem will dial up and establish a connection. This way, your unit will be always reachable.

 

6.0.17

 

The “connect after reboot” setting is not available in this mode as modem connects only on primary connection failure. The modem will be connected only if there is no reply for ping command for host defined in the item “watchdog“. The fall back to primary connection will be recovered after the time specified in the “Backup timeout” parameter.

 

DHCP Server

Internal DHCP (Dynamic Host Configuration Protocol) server automatically assigns network information, such as IP addresses. Your unit can work as DHCP server.

 

6.0.18

 

To have DHCP server always running, tick “Start after reboot” option.

 

NAT / Routers

NAT (network address translation) allows multiple hosts on a VPN to access the Internet from a single IP address. It essentially acts as an agent between a public network (e.g. the Internet) and a local/private network.

 

6.0.19

 

Source routing allows a host who is transmitting packets of data to partially or completely specify the route in which the packet will travel through the network. To define a new route, you would need to enter its IP address, Mask and Gateway.

A reboot of the device’s system must take place in order for the changes to take effect.

 

Firewall

Firewall is a network security system that controls the incoming and outgoing network traffic by analyzing the data packets and determining whether they should be allowed through or not, based on applied rule set. A firewall establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is not assumed to be secure and trusted.  In the Firewall option you can see all open ports for every network interface in your system. You can block any port (disabling service on that port) for given service.

 

6.0.20

 

“Add service” – add your own setting for user defined port. This feature is usefull for user defined communication in server side scripts.

 

6.0.21

 

DDNS

Update of DNS (Internet Domain Name System) name servers. Dynamic DNS (DDNS) is a method of automatically updating a name server in the Domain Name System (DNS), often in real time, with the active DNS configuration of its configured hostnames, addresses or other information.

To enable this option, please tick enable service and fill in the appropriate fields. Do not forget to tick “Start after reboot” option, to have your service running after a unit restarts.

 

6.0.22

 

PPTP

A PPTP (Point-to-point Tunneling Protocol) server gives you the ability to securely connect to a LAN from a remote location. This allows you to receive the same service of your workplace in the comfort of your own home. The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets.

 

6.0.23

 

  • Unique IP Address – enter a unique IP address (which is not used anywhere else in your network)
  • DHCP IP range – set a range of IP addresses
  • Start after reboot – start the network service after rebooting the device
  • PPTP Server users – you can add several PPTP Server users

 

A PPTP Client allows you to connect to a PPTP based VPN (Virtual Private Network).

 

6.0.24

 

  • Connect to IP – an address of PPTP server
  • Username & Password – enter the correct username and password
  • Add route to remote network – route is defined as “IP address/network mask”, e.g. 192.168.1.1/24
  • Start after reboot – start the network service after rebooting the device
  • Watchdog – testing of the IP address accessibility via VPN (will be reconnected when necessary)
  • Dial hang-up – manual dialing up

 

Cisco VPN

Similarly to the PPTP this service gives you an option to secure your network by encrypting communication between interconnected computers and devices.

 

6.0.25

 

  • Import config from a file – if you already have a profile configuration file (*.pcf) that specifies the configuration of your VPN, you can load it from your computer by selecting “Browse”. Once the file is loaded, select “Import”.
  • IPSec ID – used to identify which IPSec Secret to use
  • IPSec gateway – enter a valid gateway
  • IPSec secret – used to secure the exchange of the username and password between the client and the server.
  • Xauth password – enter a valid password
  • Xauth username – enter a valid username
  • IKE Authmode – allows usage of IKE Autmode
  • Connect after reboot – start the service after rebooting the device
  • Watchdog – testing of the IP address accessibility via VPN (will be reconnected when necessary)

OPEN VPN

OpenVPN is an open source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for key exchange. It is capable of traversing network address translators (NATs) and firewalls.

Open VPN on myBOX is implemented in the way it is very easy to set up. You can use the box as an OPEN VPN server or use it as an OPEN VPN Client.

Open VPN SERVER Configuration

To enable open VPN Server fill in Unique Server IP and tic start after reboot.

 

6.0.26

 

If you want to have access to your internal network, you can add route to your internal networks. Click on the “Add route” button.

 

6.0.27

 

Fill in the subnet and netmask and click “Submit”

To connect clients, you should generate user certificate for each connected user. Click on the “Generate client certificate” button. Give it a name and we recommend also setting the user password.

 

6.0.28

 

Open VPN CLIENT Configuration

You can connect your myBOX to the Open VPN Server (this can be either other myBOX configured as a open VPN Server or any other open VPN server).  First of all, import the certificates generated from the server. If you have your profile protected by password, fill in the password. Finally, click on “Start after reboot” and “Change settings” button.

 

6.0.29

 

IPSec

Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. IPsec can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host).[1]

IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite, while some other Internet security systems in widespread use, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS) and Secure Shell (SSH), operate in the upper layers of the TCP/IP model. Hence, IPsec protects any application traffic across an IP network. Applications do not need to be specifically designed to use IPsec. Without IPsec, the use of TLS/SSL had to be designed into an application to protect the application protocols.

 

6.0.30

 

  • Keep alive – allows you to choose how many links/paths data can be sent through before the linkage fails
  • NAT Traversal – allows NAT Traversal
  • Starting – start the service after rebooting the device
  • Tunnels – it is possible to define several tunnel

 

Ping

This internal Ping service is particularly useful when troubleshooting network communication. Simply fill in an IP address you need and hit the “Ping” button.

 

6.0.31

 

Status

A comprehensive status overview of all network settings and variables can be found here. Also displays detailed accounts on the active routes currently in your network including each individual destination, gateway and general masking address. Other important information given here is the interfacing configuration of each route, amount of data transmitted and received, IPSec status, and much more – essentially all information needed to make sure your network is operating properly.

 

6.0.32

 

IPsec tunnel  detail function detection.

 

6.0.33

 

Logout

When you are logged in the system, you can log out of it by pressing the “Logout” menu item.

Alternatively, click on the logged icon icon in the main screen to logout.

7.Appendix A – termination and biasing an RS-485 network #

Termination

Termination is used to match impedance with respect to impedance of the transmission line being used. When impedances are mismatched the transmitted signal is not completely absorbed by the load and the portion is reflected back into the transmission line. If the source, transmission line and load impedance are equal these reflections are eliminated. There are disadvantages of termination as well. Termination increases load on the drivers, increases installation complexity, changes biasing requirements and makes the system modification more difficult.

The decision whether or not to use termination should be based on the cable length and the data rate used by the system. A good rule of thumb is if the propagation delay of the data line is much less than one bit width, termination is not needed. This rule makes the assumption that reflections will damp out in several trips up and down the data line. Since the receiving port will sample the data in the middle of the bit, it is important that the signal level be solid at that point. In most cases termination is not required.

There are several methods of terminating data lines. Most commonly used is a parallel termination. A resistor is added in parallel with the receiver’s “A” and “B” lines in order to match the data line characteristic impedance specified by the cable manufacturer (120 ohms. is a common value). This value describes the intrinsic impedance of the transmission line and is not a function of the line length. A terminating resistor of less than 120 ohms should not be used. Termination resistors should be placed only at the extreme ends of the data line, and no more than two terminations should be placed in any system that does not use repeaters. This type of termination clearly adds heavy DC loading to a system. Another recommended type of termination is AC coupled termination. It adds a small capacitor in series with the termination resistor to eliminate the DC loading effect. The picture below illustrates both parallel and AC coupled termination on an RS-485 two-wire node.

 

7.0.1

 

Biasing an RS-485 Network

When an RS-485 network is in an idle state, all nodes are in listen (receive) mode. Under this condition there are no active drivers on the network. All drivers are tri-stated. Without anything driving the network, the state of the line is unknown. If the voltage level at the receiver’s A and B inputs is less than ±200mV the logic level at the output of the receivers will be the value of the last bit received. In order to maintain the proper idle voltage state, bias resistors must be applied to force the data lines to the idle condition. Bias resistors are nothing more than a pull-up resistor on the data B line (typically to 5 volts) and a pull-down resistor (to ground) on the data A line. The picture below illustrates the placement of bias resistors on a transceiver. The value of the bias resistors is dependent on termination and number of nodes in the system. The goal is to generate enough DC bias current in the network to maintain a minimum of 200mV between the B and A data lines.

 

7.0.2

 

Bias resistors can be placed anywhere in the network or can be split among multiple nodes. The parallel combination of all bias resistors in a system must be equal to or less than the calculated biasing requirements. This device uses 4.7Kohm bias resistors. That value is adequate for most systems without termination. The system designer should always calculate the biasing requirements of the network. Symptoms of under biasing range from decreased noise immunity to complete data failure. Over biasing has less effect on a system, the primary result is increased load on the drivers. Some systems can be sensitive to over biasing.

8.Appendix B – list of supported web browsers for the GUI #

The following Internet web browsers are supported and therefore recommended for correct viewing of provided web-based GUI:

  • MS Internet Explorer 9.0 and newer
  • Firefox 8.0 and newer
  • Opera 11.6 and newer
  • Apple’s Safari 6.0 and newer
  • Chrome 22