
myBOX USER MANUAL

6. Administration level

My Account

In this menu you can change administrator password and other useful settings such as email and phone number.

 

6.0.1

 

System

In this section you can set up all settings related to the device system.

 

Date & Time

Enter the current date and time, then click on „Change“ to save. You can also set the time zone in which your country/city is located.

 

6.0.2

 

NTP

This feature allows time synchronization with a Network Time Protocol server (e.g. time.nist.gov). Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks.

 

6.0.3

 

SMTP

Here you can set an email server to be used to send email messages (this is provided by your ISP).

 

6.0.4

 

  • SMTP Server – the IP address of the SMTP server
  • Port – choose TCP port 25 (SMTP) or port 587 (Submission), or another port given by your IT department or ISP
  • Mail from – the email address from which email messages will be sent. Use the form user@company.domain
  • Use authentication SSL/TLS – fill in the user name and password if you want to use Secure Sockets Layer (SSL) or Transport Layer Security (TLS) for enhanced communication security

 

Send Info Email After Boot

In case of unit reboot this choice generates an informational email for the specified group of users.

 

6.0.5

 

  • Enable – enable the service
  • Send to group – set the group of users to which the informational email will be sent.

 

SMS

If you have a unit with a 3G modem, you should set up the SMS Center settings.

 

6.0.6

 

  • SMS Center – your service provider SMS center
  • Max SMS per min – maximum number of SMS sent during a minute. This choice limits the price of SMS services to be paid.
  • Test SMS / Send to – send a test SMS to the given number to check that the function works correctly

 

Language

It is possible to change the language of the whole device’s GUI – choose one of the available languages listed in the drop-down menu. You may have to reload your web browser for the change to take effect.

 

6.0.7

 

Update

If the device is connected to the Internet you can use the “Auto update from Internet” option to automatically have the software updated, provided there is a new version of firmware available.  If there is no Internet connection you can still update manually from a file.

 

6.0.8

 

Backup

This function is only available when a microSD card is inserted in the slot. You can back up the complete system, or select only a partial backup:

  • Project
  • Data-logs including alarm history, user actions history, advanced trends
  • Network configuration
  • System configuration

To perform the backup, put a formatted microSD card into the front microSD slot of the device. You might need to restart the device for it to recognize the card insertion.

 

6.0.9

 

  • Make – creates back-up
  • Format – microSD card formatting with the file system FAT32

!!!! Please note that all the data stored on the microSD card will be deleted!!!!

  • Restore/Delete – restore the back-up data, delete the back-up data from the microSD card

 

You can also perform periodic backups based on your time selection. This way you can keep your data redundant in case you encounter a problem with a box.

 

6.0.10

 

Restore from Backup

This function is only available when a microSD card is inserted in the slot. You can use restore from backup to quickly set up a new box or to replace an existing one in case of failure.

To perform a restore from backup, go to the Backup menu and select from the available backups.

IMPORTANT: You will have to reboot your unit to complete a backup. If your selected backup also contains network settings, the IP address of the restored box can change.

 

Status

This section provides useful information on the device’s system, for example:

  • Version of used firmware
  • Device’s serial number
  • Running time since the last reboot
  • SMS counter – counts the total number of sent SMS
  • Active VPN user – displays the active VPN users
  • The green/red chart shows used/available physical memory of the device.
  • Scripts status
    • Status – displays script log and restart scripts
    • Main script – displays the status of main (initial) script
    • Timers – displays the status of each periodically started script
  • NTP Server status – displays the server status set for time synchronization.
    • * – time synchronized
    • = – time synchronization in progress

  • System LED blinking – makes the system LED light on the panel to blink. Useful for identification of the equipment in the technology.
  • Location – enter the location of the device, e.g. a name of your city or factory
    (this is used for identification in some SMS/e-mail notice)
  • Hostname – again can be used to enter a user defined text or name, e.g. the connected router
  • Download for support – generates a zipped file containing all settings which can be later sent to a support personnel, typically by emailing to support@myscada.org

 

6.0.11

 

6.0.12

 

Reboot

When it is required, you can reboot the device’s system by clicking on the menu item “Reboot”. You will be prompted to confirm the rebooting procedure.

 

6.0.13

 

Network

A network grants you the ability to share resources and information among your interconnected devices. To communicate with other computers and devices, a communication channel must be properly established.

 

NETWORK MODE

To operate the device properly, you must first set the Network Mode. Select the desired network mode from the options (which depend on the version of your device). You can read through the mode description when you select it. When you press apply, the new mode is selected.

 

6.0.14

 

Individual port settings depend on the HW configuration, with the following options:

Interface    Mode
LAN/WAN      Routed
LAN/WAN      Bridged
3G/LTE       WAN
3G/LTE       Backup

 

A routed port is a standalone port with its own IP address, depending on the type of the port (LAN, WAN). A bridged port is a port included in the bridge group (br0); the IP address and other features are set for the whole bridge. 3G WAN is a mobile connection and is considered to be the only access point into the WAN. 3G Backup is a back-up connection into the WAN (for setting see chapter 6.4.2).

 

LAN / WAN

In this section basic network settings can be set or changed. There are settings for WAN, LAN, LAN2 and wireless modem. Depending on which version of the device is purchased, the following settings are available:

 

6.0.15

 

Setting a unique IP address for the device is essential for proper functionality in a computer network. There are two options how to assign an IP address to the device along with other network information:

  1. DHCP – the device can obtain IP address and all other network information from a DHCP (Dynamic Host Configuration Protocol) server automatically. The server also eliminates duplicate IP assignments.
  2. STATIC – manually enter an IP address and all the required network information

 

Name server

A name server is a computer server that hosts a network service for providing responses to queries against a directory service. It maps a human-recognizable identifier to a system-internal, often numeric identification or addressing component. This service is performed by the server in response to the request of the network service protocol. You can use a public name-server such as 8.8.8.8 or use the one provided by your ISP.

 

3G Modem

If your unit is equipped with the 3G modem, you should set it up before use. The modem parameters must be filled in for it to operate correctly. For concrete parameters such as APN, please consult your SIM data provider.

 

6.0.16

 

  • Use authentication – enter the correct user name & password (not always required)
  • Connection type – select from 2G, 3G or Auto option (auto option will switch automatically based on the signal strength)
  • PIN – when necessary enter a valid PIN for the SIM card inserted
  • APN – Access Point Name (it is provided by your mobile operator, default name is “internet”)
  • Dial number – enter the correct number for data access (it is provided by your mobile operator)
  • Use peer DNS – allows peer DNS
  • Connect after reboot – start the service after rebooting the device
  • Watchdog – watchdog performs periodic testing of the IP address accessibility. Note that without watchdog parameter set, connection check will be disabled, so lost connection would not restart the 3G Modem.

 

Use 3G as Internet Back-up

If you use the WAN port as your primary connection to the network, you can use the 3G modem as your redundant connection. If your primary connection goes down, the 3G modem will dial up and establish a connection. This way, your unit will always be reachable.

 

6.0.17

 

The “connect after reboot” setting is not available in this mode, as the modem connects only on primary connection failure. The modem will be connected only if there is no reply to the ping command for the host defined in the item “watchdog“. The fall back to the primary connection will be recovered after the time specified in the “Backup timeout” parameter.

 

DHCP Server

Internal DHCP (Dynamic Host Configuration Protocol) server automatically assigns network information, such as IP addresses. Your unit can work as DHCP server.

 

6.0.18

 

To have DHCP server always running, tick “Start after reboot” option.

 

NAT / Routers

NAT (network address translation) allows multiple hosts on a VPN to access the Internet from a single IP address. It essentially acts as an agent between a public network (e.g. the Internet) and a local/private network.

 

6.0.19

 

Source routing allows a host who is transmitting packets of data to partially or completely specify the route in which the packet will travel through the network. To define a new route, you would need to enter its IP address, Mask and Gateway.

A reboot of the device’s system must take place in order for the changes to take effect.

 

Firewall

Firewall is a network security system that controls the incoming and outgoing network traffic by analyzing the data packets and determining whether they should be allowed through or not, based on applied rule set. A firewall establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is not assumed to be secure and trusted.  In the Firewall option you can see all open ports for every network interface in your system. You can block any port (disabling service on that port) for given service.

 

6.0.20

 

“Add service” – add your own setting for a user-defined port. This feature is useful for user-defined communication in server-side scripts.

 

6.0.21

 

DDNS

Update of DNS (Internet Domain Name System) name servers. Dynamic DNS (DDNS) is a method of automatically updating a name server in the Domain Name System (DNS), often in real time, with the active DNS configuration of its configured hostnames, addresses or other information.

To enable this option, please tick enable service and fill in the appropriate fields. Do not forget to tick “Start after reboot” option, to have your service running after a unit restarts.

 

6.0.22

 

PPTP

A PPTP (Point-to-point Tunneling Protocol) server gives you the ability to securely connect to a LAN from a remote location. This allows you to receive the same service of your workplace in the comfort of your own home. The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets.

 

6.0.23

 

  • Unique IP Address – enter a unique IP address (which is not used anywhere else in your network)
  • DHCP IP range – set a range of IP addresses
  • Start after reboot – start the network service after rebooting the device
  • PPTP Server users – you can add several PPTP Server users

 

A PPTP Client allows you to connect to a PPTP based VPN (Virtual Private Network).

 

6.0.24

 

  • Connect to IP – an address of PPTP server
  • Username & Password – enter the correct username and password
  • Add route to remote network – route is defined as “IP address/network mask”, e.g. 192.168.1.1/24
  • Start after reboot – start the network service after rebooting the device
  • Watchdog – testing of the IP address accessibility via VPN (will be reconnected when necessary)
  • Dial hang-up – manual dialing up
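
The PPTP fields above ask for a server IP address that is not used anywhere else, a DHCP IP range, and routes in “IP address/network mask” form. The following added example (not part of the myBOX software; the function names and the sample addresses are constructed for illustration, and IPv4 is assumed) checks such an address plan for conflicts before it is entered in the GUI:

```python
import ipaddress


def normalize_route(route):
    """Return the network that an "IP address/network mask" route refers to.

    The manual's example 192.168.1.1/24 has host bits set; strict=False
    accepts it and yields the network it belongs to, 192.168.1.0/24.
    """
    return ipaddress.ip_network(route, strict=False)


def check_plan(lan, server_ip, pool_start, pool_end, in_use, routes):
    """Return a list of problems in an IPv4 VPN address plan (empty = none)."""
    lan = ipaddress.ip_network(lan)
    server = ipaddress.ip_address(server_ip)
    first = ipaddress.ip_address(pool_start)
    last = ipaddress.ip_address(pool_end)
    used = {ipaddress.ip_address(a) for a in in_use}
    problems = []

    if first > last:
        problems.append("DHCP IP range starts above its end")
    if first <= server <= last:
        problems.append(f"server IP {server} lies inside the DHCP IP range")
    if server in used:
        problems.append(f"server IP {server} is already used in the network")
    clash = sorted(a for a in used if first <= a <= last)
    if clash:
        problems.append("DHCP IP range covers addresses in use: "
                        + ", ".join(str(a) for a in clash))
    for route in routes:
        net = normalize_route(route)
        if net.overlaps(lan):
            problems.append(f"route {net} overlaps the local network {lan}")
    return problems


# Constructed sample plan, not taken from a real installation.
SAMPLE = dict(
    lan="192.168.1.0/24",
    server_ip="192.168.1.210",
    pool_start="192.168.1.200",
    pool_end="192.168.1.220",
    in_use=["192.168.1.1", "192.168.1.205"],
    routes=["192.168.1.1/24", "10.8.0.0/24"],
)

if __name__ == "__main__":
    for problem in check_plan(**SAMPLE):
        print("PROBLEM:", problem)
```

A route to a remote network that overlaps the local network is reported because traffic for local hosts in that range could then be sent into the tunnel instead.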

 

Cisco VPN

Similarly to the PPTP this service gives you an option to secure your network by encrypting communication between interconnected computers and devices.

 

6.0.25

 

  • Import config from a file – if you already have a profile configuration file (*.pcf) that specifies the configuration of your VPN, you can load it from your computer by selecting “Browse”. Once the file is loaded, select “Import”.
  • IPSec ID – used to identify which IPSec Secret to use
  • IPSec gateway – enter a valid gateway
  • IPSec secret – used to secure the exchange of the username and password between the client and the server.
  • Xauth password – enter a valid password
  • Xauth username – enter a valid username
  • IKE Authmode – allows usage of IKE Authmode
  • Connect after reboot – start the service after rebooting the device
  • Watchdog – testing of the IP address accessibility via VPN (will be reconnected when necessary)

OPEN VPN

OpenVPN is an open source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for key exchange. It is capable of traversing network address translators (NATs) and firewalls.

Open VPN on myBOX is implemented so that it is very easy to set up. You can use the box as an OPEN VPN server or use it as an OPEN VPN Client.

Open VPN SERVER Configuration

To enable the Open VPN Server, fill in the Unique Server IP and tick “Start after reboot”.

 

6.0.26

 

If you want to have access to your internal network, you can add route to your internal networks. Click on the “Add route” button.

 

6.0.27

 

Fill in the subnet and netmask and click “Submit”

To connect clients, you should generate user certificate for each connected user. Click on the “Generate client certificate” button. Give it a name and we recommend also setting the user password.

 

6.0.28

 

Open VPN CLIENT Configuration

You can connect your myBOX to an Open VPN Server (this can be either another myBOX configured as an Open VPN Server or any other Open VPN server). First of all, import the certificates generated from the server. If your profile is protected by a password, fill in the password. Finally, click on “Start after reboot” and the “Change settings” button.

 

6.0.29

 

IPSec

Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. IPsec can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host).[1]

IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite, while some other Internet security systems in widespread use, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS) and Secure Shell (SSH), operate in the upper layers of the TCP/IP model. Hence, IPsec protects any application traffic across an IP network. Applications do not need to be specifically designed to use IPsec. Without IPsec, the use of TLS/SSL had to be designed into an application to protect the application protocols.

 

6.0.30

 

  • Keep alive – allows you to choose how many links/paths data can be sent through before the linkage fails
  • NAT Traversal – allows NAT Traversal
  • Starting – start the service after rebooting the device
  • Tunnels – it is possible to define several tunnels

 

Ping

This internal Ping service is particularly useful when troubleshooting network communication. Simply fill in an IP address you need and hit the “Ping” button.

 

6.0.31

 

Status

A comprehensive status overview of all network settings and variables can be found here. Also displays detailed accounts on the active routes currently in your network including each individual destination, gateway and general masking address. Other important information given here is the interfacing configuration of each route, amount of data transmitted and received, IPSec status, and much more – essentially all information needed to make sure your network is operating properly.

 

6.0.32

 

IPsec tunnel  detail function detection.

 

6.0.33

 

Logout

When you are logged in to the system, you can log out of it by pressing the “Logout” menu item.

Alternatively, click on the logged icon in the main screen to log out.
