FAQs

Digi Transport

Debug output is usually obtained through the serial port (ASY0) or via telnet on the router (not SSH).

The options are:
“debug 0”   ->   ASY0
“debug 1”   ->   ASY1
“debug t”   ->   TELNET

To obtain debug output through SSH connect to the router via an SSH client & log in:

User-added image

Now, from the command line run the CLI command “TELNET 127.0.0.1” & log in:

User-added image

Now, you can send the debug output to the Telnet port running the CLI command “debug t” to see the debug output:

User-added image

Following an example in which IKE debug is enabled with level 4 (very high) and a IPsec VPN is removed:

User-added image

NB: In order to be sure to have all the debug output without losing old logs, please assure that the scroll line limit of the SSH client  is high (for example 2000). In Putty for example you should go to Change settings > Window to change the “Lines of scrollback” value:

User-added image

Permalink


Recommendations

It is recommended that a switch be used between the PC that will be uploading the files to the TransPort and the TransPort itself. Issues may occur in the file transfer and/or IP addressing if a switch is not used, and the process will need to start over to recover the TransPort.

Recovery Process

1) FlashWriter will first need to be downloaded and installed. You can download the latest version of FlashWriter from the Digi support site under the TransPort family of products:
http://www.digi.com/support/

2) The proper firmware file will also need to be downloaded to the local PC. Download the FlashWriter version of the firmware file with the .zip file extension from the Digi Support site at the below link:

http://transport.digi.com/digi/firmware/

NOTE: If you are unsure which firmware file to use, please contact Digi Technical Support for further assistance.

3) Extract the downloaded .zip file, which will give you the .all and .ini files needed to perform the upgrade.

4) Launch FlashWriter to view the first screen below, using the options shown below:

5) Click Advanced in the upper left corner, and choose Set remote TFTP IP address. With the most recent version of FlashWriter you will not need to perform steps 5 and 6).

6) Fill in a temporary IP address that will be used on the Digi TransPort and click OK, as shown in
the image below:

7) Set a Static IP address on your PC that falls within the same subnet range as the temporary IP
address that was assigned to the TransPort. Using the example IP above, the PC could be set to
an IP address of 192.168.1.100/24.

8) Once the IP addresses have been set on both the PC and in FlashWriter, click the Load button.
Click Yes on the first warning pop-up to continue.

9) Fill in the serial number of the TransPort and click OK. This number can be found on the label on
the bottom of the device:

10) A prompt for the location of the .all file will then pop-up. Click OK and browse to the file on the
PC’s hard drive.

11) After choosing the .all file, FlashWriter will ask you to choose the module type that is installed in the TransPort. Choose the appropriate module from the drop down list, and click OK.


12) Depending on the size of the firmware file, this may take a few minutes to complete the process. Once completed, a message should appear at the bottom of FlashWriter indicating so, as shown in the image below:

13) After the process completes, the TransPort will reboot itself and be back to factory defaults with the latest firmware installed.

Permalink


There is a reset button on the underside of most routers, holding this button in for 5 seconds will perform a factory reset on the router. When the reset is initiated in this manner, the LEDs on the front of the router will flash to indicate a reset is in progress, the router will automatically reboot once the procedure is complete. Do not remove the power while the router is running this reset procedure. Using this method will not preserve any settings.

Permalink


Digi TransPort routers with Enterprise firmware support:

IPsec in tunnel mode with Pre Shared Key and X.509 digital certificate authentication methods (client and server)
IPsec in transport mode with Pre Shared Key and X.509 digital certificate authentication methods (client and server)

IPsec with ModeCFG and Xauth (client only)

Dynamic multipoint VPN (DMVPN) spoke (client only)

L2TP over IPsec with Pre Shared Key and X.509 digital certificate authentication methods, usually known as L2TP/IPsec (client and server)

PPTP with or without MPPE encryption (client and server)

OpenVPN 2.1 & 2.2 (client and server)

For configuration information and walk-through guides, see: http://www.digi.com/support/productdetail?pid=5501&type=documentation  (opens in new window)
Use the browser search function to search for ‘VPN’, ‘IPsec’, ‘L2TP’, ‘PPTP’ or ‘OpenVPN’.

Permalink


Why use FTP Relay

The FTP Relay agents allow any files to be transferred onto the router by a specified user using the File Transfer Protocol to be temporarily stored in memory and then relayed to a specific FTP Server. This is useful when the router is being used to collect data files from a locally attached device such as a webcam which must then be transferred to a host system over a slower data connection such as W-WAN. In effect, the router acts as a temporary data buffer for the files.

Configure FTP Relay on a TransPort router

Browse to Configuration – Network > FTP Relay> FTP Relay n and configure the agent like in the following screenshot:

User-added image

Please find details for all the fields below:

Relay Files for user: is the name of the local user and should be one of the usernames assigned in the Configuration – Security > Users web page. This name is then used as the FTP login username when the local device needs to relay a file.
To FTP Server: is the name (IP address) of the FTP Server to which the files from the locally attached device are to be relayed.
Server Username: is the username required to log in to the specified FTP Server
Server Password/Confirm Server Password: is the password to be used to log in to the Server.
Remote directory: is the full name of the directory on the FTP Server to which the file is to be saved. Please note that if you use a Filezilla Server and you set for example “C:/” as Home directory for the server, when the transport will connect to it, the server won’t recognize “C:/” as home directory but only “\”, so in this case, this fields should contain only the subdirectories path contained in the Server home directory where you need to save the file. In this example this Path is “TestFTPRelay\T1” that correspond in the Server to the Path “C:/TestFTPRelay/T1”.
Rename file: When checked, this checkbox causes the router to store the uploaded files internally with a filename in the form “relnnnn” where nnnn is a number that is incremented for each new file received. When the file is relayed to the FTP Server the original filename is used. When unchecked, the file is stored internally using its original filename. This parameter should be set if it a file having a filename longer than 12 characters is to be uploaded. This is due to the internal file system having the 8.3 filename format (i.e. autoexec.bat).
Transfer Mode ASCII / Binary: These two radio buttons select between the two possible file transfer modes, binary data or ASCII data.
Transfer Command STORE / APPEND: These two radio buttons select between the two possible storage methods, either append to or replace existing file.
Attempt to connect to the FTP Server n times: The value in this text box specifies the number of connection attempts that the router should make if the first attempt is not successful.
Wait s seconds between attempts: The value in this text box specifies the interval (in seconds) that the router should wait in between successive connections attempts.
Remain connected for s seconds after a file has been transferred: The value in this text box specifies how long (in seconds) that the router will maintain the connection to the FTP host after transferring a file.
If unable to relay file Delete File / Retain file: These two radio buttons select the behavior with respect to storing the file if the router fails to connect to the FTP host (after retrying for the specified number of attempts). Select Delete File if the file should not be stored permanently. If the file is retained, manual intervention will be required to recover it at a later stage. Note:  If the file is not retained, it will be lost if the power is removed from the router.

The correspondent CLI commands for the configuration in this example are:

frelay 0 locuser “username”
frelay 0 ftphost “10.104.1.101”
frelay 0 ftpuser “user1”
frelay 0 ftpepwd “KD5lSVJDVVgD”
frelay 0 ftpdir “TestFTPRelay\T1”

Testing the FTP Relay feature

Configure the remote FTP server with an User (corresponding to the one configured on the TransPort FTP Relay agent), allowed at least to read/write on the Home directory specified:

User-added image

User-added image

Connect the local FTP client to the TransPort FTP server and transfer the file:

User-added image

Check the eventlog on the TransPort browsing to Management – Event Log, you will see the FTP transfer from the Local Host to the TransPort (in orange) and the FTP relay of the file from the TransPort to the remote FTP Server (in red)

User-added image

The successful transfer can be also checked on the FTP remote server:

User-added image

Permalink


I need a secure (encrypted) connection from my mobile device. How do I configure a TransPort router as a L2TP/IPsec VPN responder for Apple devices such as the iPhone; iPad or Android devices such as smart phones; or tablets?

TransPort routers can be configured as a VPN server for mobile devices (Apple iOS & Android), using IPsec to create a secure connection to your router.  This article will detail the steps needed to configure a L2TP/IPsec VPN using Pre-Shared keys.

TransPort firmware version 5157 or newer is recommended.  A change has been made in this firmware version to ensure L2TP sockets are closed and immediately returned to the ‘Listening’ state as soon as the VPN is disconnected, previous firmware versions have to wait until the L2TP socket inactivity timer expires.

This solution assumes that the TransPort router has a static and public IP address configured on its WAN interface, for the purposes of this article, we’ll assume PPP 1 is the WAN interface and has already been configured for internet access.

The commands listed should be entered via the CLI (telnet, serial connection, or ‘Execute a command’ in the web GUI)

Step 1:
Enable IPsec on the PPP1 interface
ppp 1 ipsec 1

Step 2:
Phase 1 of the VPN set up, IKE, is set by default to allow all combinations of authentication and encryption algorithm proposals.  Only a couple of extra settings need to be configured.
Configure the VPN Phase 1, IKE, so that all relevant SAs are removed when a VPN is disconnected.
ike 0 delmode 1
ike 0 invspidel ON

Step 3:
Phase 2 of the VPN setup is specific to either Apple iOS or Android devices.
If you are configuring a VPN for Apple devices only, then just complete Step 3a and move on to Step 4.
If you are configuring a VPN for Android devices only, then just complete Step 3b and move on to Step 4.
If you are configuring VPNs for both Apple and Android devices, complete both Step 3a & Step 3b then continue with Step 4.

Step 3a:
Configure the VPN Phase 2, IPsec
eroute 0 descr “iPad L2TP IPsec VPN”
eroute 0 peerid “*”
eroute 0 locipifent “PPP”
eroute 0 locipifadd 1
eroute 0 mode “Transport”
eroute 0 ESPauth “SHA1”
eroute 0 ESPenc “AES”
eroute 0 proto “UDP”
eroute 0 locport 1701
eroute 0 ltime 3600
eroute 0 authmeth “PRESHARED”
eroute 0 enckeybits 256

Step 3b:
Configure the VPN Phase 2, IPsec
eroute 1 descr “Android L2TP IPsec VPN”
eroute 1 peerid “*”
eroute 1 locipifent “PPP”
eroute 1 locipifadd 1
eroute 1 mode “Transport”
eroute 1 ESPauth “SHA1”
eroute 1 ESPenc “3DES”
eroute 1 proto “UDP”
eroute 1 locport 1701
eroute 1 ltime 28800
eroute 1 authmeth “PRESHARED”
eroute 1 enckeybits 256

Step 4:
Configure the VPN users:
user 2 name “vpn-user1”
user 2 password “password1”
user 2 access 4
user 3 name “vpn-user2”
user 3 password “password2”
user 3 access 4
user 4 name “vpn-user3”
user 4 password “password3”
user 4 access 4
user 5 name “vpn-user4”
user 5 password “password4”
user 5 access 4

Step 5:
Configure the IPsec Pre-Shared Key, this is common for ALL VPN users.
user 10 name “*”
user 10 password “my-secure-psk”
user 10 access 4
user 10 dun_en off

Step 6:
Configure enough L2TP instances for the total number of required VPNs, we’ll use 4 for the number of VPN users configured in Step 4.
l2tp 0 listen ON
l2tp 0 swap_io ON
l2tp 0 rnd_srcport ON
l2tp 1 listen ON
l2tp 1 swap_io ON
l2tp 1 rnd_srcport ON
l2tp 2 listen ON
l2tp 2 swap_io ON
l2tp 2 rnd_srcport ON
l2tp 3 listen ON
l2tp 3 swap_io ON
l2tp 3 rnd_srcport ON

Step 7:
Configure enough PPP instances that will be linked with the L2TP instances configured in step 6.
This is quickest and easiest via the routers web GUI.

In the router web GUI, browse to
Configuration – Network > Interfaces > Advanced > PPP 0 – 9 > PPP 5
Click the button labelled ‘Load answering defaults’.  DO NOT CLICK ‘APPLY’.
Repeat Step 7 for PPP 6, PPP 7 & PPP 8.

Step 8:
Create a link between the PPP interfaces configured in step 7 with the L2TP instances configured in Step 6.
This is quickest and easiest via the routers CLI.

PPP 5 will be linked to L2TP 0, PPP 6 to L2TP 1, PPP 7 to L2TP 2, PPP 8 to L2TP 3
ppp 5 l1iface “L2TP”
ppp 5 l1nb 0
ppp 6 l1iface “L2TP”
ppp 6 l1nb 1
ppp 7 l1iface “L2TP”
ppp 7 l1nb 2
ppp 8 l1iface “L2TP”
ppp 8 l1nb 3

Step 9:
Save the configuration.
config 0 save

The TransPort router configuration is now complete.

The next step is to configure the iPad or Android device to connect to the TransPort using an L2TP / IPsec VPN.

iPad & iPhone settings
Step 10:
On the iPad, browse to Settings > VPN
Press ‘Add VPN Configuration’

Step 11:
Choose L2TP, which is actually L2TP/IPsec but just named L2TP.  The option for IPsec is a Cisco VPN client and is not required.

Step 12:
Enter the following information:
Description = TransPort L2TP IPsec VPN
Server = <WAN IP ADDRESS OF ROUTER>
Account = vpn-user1
RSA SecurID = OFF
Password = password1
Secret = my-secure-psk
Send All Traffic = ON
Proxy = OFF

Note:
The ‘Server’ is the TransPort routers IP public IP address.
The ‘Account’ is a user name configured in Step 4.
The ‘Password’ is the corresponding password for the user configured in Step 4.
The ‘Secret’ is the Pre-Shared Key (password) configured in Step 5.

Step 13:
Press ‘Save’ in the top right corner.

Step 14:
You will now see the newly created VPN connection listed.  If there is more than 1 VPN connection shown on this screen, press on the new VPN named ‘TransPort L2TP IPsec VPN’ so a tick appears to the left of the name.
Move the ‘VPN’ slider over to the right from ‘OFF’ to ‘ON’ and the iPad will now try and connect.
When connected, the iPad will show ‘Connected’ with a timer showing the amount of time the VPN has been connected for.

Android device settings
Step 15:
On the Android device, browse to Settings > Wireless and network > VPN settings
Press ‘Add VPN’

Step 16:
Choose ‘Add L2TP/IPSec PSK VPN’.

Step 17:
Enter the following information:
VPN name = TransPort L2TP IPsec VPN
Set VPN server = <WAN IP ADDRESS OF ROUTER>
Set IPsec pre-shared key = my-secure-psk
Enable L2TP secret = disabled
DNS search domains = not set

Note:
The ‘VPN server’ is the TransPort routers IP public IP address.
The ‘IPsec pre-shared key’ is the Pre-Shared Key (password) configured in Step 5.
The VPN username & password will be requested when initiating the VPN.

Step 18:
Save the configuration, method used is specific to device.

Step 19:
You will now see the newly created VPN connection listed.  If there is more than 1 VPN connection shown on this screen, press on the new VPN named ‘TransPort L2TP IPsec VPN’.
A username and password will be requested.
Username = vpn-user2
Password = password2
Press ‘Connect’ and the Android device will now try and connect.
When connected, the Android device will show ‘Connected’ with a key symbol in the top status bar.

This is a brief configuration guide, an Application Note will be available soon.

——–

iPad VPN proposal information:
Phase 1 proposal = AES256, SHA1, DH group 2, Lifetime 3600 seconds
Authentication method = Pre-Shared Keys
ID Type used =  IPv4 address
Phase 2 proposal = ESP, AES256, SHA1, Lifetime 3600 seconds, Mode: UDP transport, Local UDP port: Variable, Remote UDP port: 1701

Android (Froyo) VPN proposal information:
Phase 1 proposal = 3DES, SHA1, DH group 2, Lifetime 28800 seconds
Authentication method = Pre-Shared Keys
ID Type used =  IPv4 address
Phase 2 proposal = ESP, AES256, SHA1, Lifetime 28800 seconds, Mode: UDP transport, Local UDP port: Variable, Remote UDP port: 1701

Permalink


This article explains how to upgrade firmware on a Digi TransPort or Sarian router using a USB flash drive to a version earlier than 5.2.9.13.

There are two different methods available:

Method A is simpler, but will erase any existing configuration files on the router.

Method B is more complicated, but will allow any existing configuration files on the router to be retained.

Method A: Loading a complete flash memory image onto the router, in the form of a ‘.all file’

Please note: upgrading the firmware using a ‘.all file’ will erase any existing configuration files on the router.

1) Obtain the latest ‘.all file’, which can be found at one of the following links depending on your model:

Digi TransPort .all files

Sarian .all files

It is very important that the correct firmware file is used for the model number being upgraded. If you attempt to load firmware designed for one model onto a different model the router may cease to function and will be difficult to recover.

To locate the correct firmware for your model, after clicking on a link above, select the subdirectory containing the version you wish to download (the newest version is recommended) then the subdirectory relating to your model. Select the .all file to download it. The format of the file name is as follows:

<model name>-<firmware version>.all

As an example, the file called WR44-5162.all is firmware for the WR44 model and is firmware version 5.162.

2) Rename the .all file to adhere to the ‘8.3’ filename format that the router expects – i.e. a maximum of 8 characters before the ‘.’ plus a maximum of 3 characters for the extension. You can see that WR44-5162.all has 9 characters before the ‘.’ and so will not be recognised by the router’s file system. In this example WR44-5162.all is renamed to WR44.all – this step is important as most downloaded .all files will not by default adhere to the 8.3 filename convention.

3) Create a file named autoexec.bat and edit it in a text editor (for example Notepad in Windows) to contain the following lines. Lines in bold will always need to be present; the ‘copy’ line should be amended as appropriate to reflect the name of the renamed .all file being copied (although the destination filename should be always be ‘all.all’ so that the existing .all file on the router is replaced. It is important to include a blank line at the end of the file after ‘flashleds’. For the example file ‘WR44.all’:

ERROR_EXIT
copy u:WR44.all all.all
scanr
flashleds

< BLANK LINE>

4) Using your PC, format a USB flash drive. Note that this will erase all data on the USB drive. Not all USB drives work with Digi TransPort or Sarian routers. Older firmware supports only FAT16 formatted drives but newer firmware supports FAT32. NTFS is not supported.

5) Once formatting is complete, perform a ‘safe hardware removal’ of the USB drive from your PC to ensure that any delayed writes have finished.

6) Check that the TransPort router recognises it by inserting it into a USB port on the front of the router, then connect to the router’s CLI (command line interface) via one of the following methods:

a) A Telnet or SSH session to the router’s IP address
b) A terminal emulator session (for example using Hyperterminal or TeraTerm) to the router’s ASY (serial) port

Issue the following command:

dir u: <enter>

If the USB drive is recognised, the CLI should report its size and other parameters. Remove the USB drive from the router.

7) Insert the USB drive back into your PC, and copy the .all file and the autoexec.bat file into the root directory of the USB drive.

8) When the file copying has finished, perform a ‘safe hardware removal’ of the USB drive from your PC to ensure that any delayed writes have finished.

9) Insert the USB drive into a USB port on the front of the router once more.

The firmware upgrade process should now begin. During the process, two or three of the LEDs on the front of the router will flash repeatedly to indicate that the files are being copied. After a few minutes, these LEDs should stop flashing, and most of the LEDs other than the original two or three on the front panel will flash repeatedly. This indicates that the upgrade process is complete, i.e. that the autoexec.bat file has finished with no errors.

10) Remove the USB drive from the router’s USB port.

11) Power cycle the router.

Please note, if the LEDs did not flash as expected, this could indicate a problem with the upgrade. In this case please do NOT reboot the router, instead connect to the router and determine if there is a problem by issuing the “scan” and “dir” commands.

12) Once the router has restarted, enter the following CLI command: ati5<enter>

The CLI will return a lot of information about the router, and the second and third lines will show the firmware image and bootloader version numbers. This can be used to verify that the upgrade process has been successful – for example:

ati5
Digi TransPort WR44-U4T1-WE1-XX Ser#:160601 HW Revision: 7902a
Software Build Ver5162. Aug 13 2012 05:12:25 SW
ARM Bios Ver 6.75 v39 400MHz B512-M512-F80-O0,0 MAC:00042d027359
Power Up Profile: 0

Method B: Upgrading individual firmware files

Please note: this method should be used if any existing configuration on the router needs to be retained.

1) Obtain the latest firmware zip file, which can be found at one of the following links depending on your model:

Digi TransPort firmware files

Sarian firmware files

It is very important that the correct firmware file is used for the model number being upgraded. If you attempt to load firmware designed for one model onto a different model the router may cease to function and will be difficult to recover.

To locate the correct firmware for your model, after clicking on a link above, select the subdirectory containing the version you wish to download (the newest version is recommended) then the subdirectory relating to your model. Select the zip file to download it.

2) Extract all of the files, from the downloaded zip archive, to a directory on your PC.

3) On your PC, rename the following two files as follows:

Rename the *.dwn file (the main firmware image) to image (with no extension)
Rename the *.rom file (the bootloader) to sbios1 (with no extension)

4) Create a file named autoexec.bat and open it in a text editor (for example Notepad in Windows). Add some or all of the following lines – the lines shown in bold will always need to be present, but the other lines should be amended as appropriate so that all of the files from the original firmware zip file are copied to the router. It is important to include a blank line at the end of the file after ‘flashleds’. For the example firmware version referred to, the autoexec file needs to contain the following lines:

ERROR_EXIT
del *.web
copy u:image image
copy u:sbios1 sbios1

copy u:logcodes.txt logcodes.txt
copy u:image4.c2 image4.c2
copy u:S5162w#D.web S5162w#D.web
copy u:python.zip python.zip
copy u:wizards.zip wizards.zip
move sbios1 sbios
scanr
flashleds

< BLANK LINE>

5) Using your PC, format a USB flash drive. Note that this will erase all data on the USB drive. Not all USB drives work with Digi TransPort or Sarian routers. Older firmware supports only FAT16 formatted drives but newer firmware supports FAT32. NTFS is not supported.

6) Once formatting is complete, perform a ‘safe hardware removal’ of the USB drive from your PC to ensure that any delayed writes have finished.

7) Check that the TransPort router recognises it by inserting it into a USB port on the front of the router, then connect to the router’s CLI (command line interface) via one of the following methods:

a) A Telnet or SSH session to the router’s IP address
b) A terminal emulator session (for example using Hyperterminal or TeraTerm) to the router’s ASY (serial) port

Issue the following command:

dir u: <enter>

If the USB drive is recognised, the CLI should report its size and other parameters. Remove the USB drive from the router.

8) Insert the USB drive back into your PC, and copy all of the firmware upgrade files into the root directory of the USB drive. The files should include all those from the original firmware zip file (with the image and bootloader files renamed as above) plus the autoexec.bat file.

9) When the file copying has finished, perform a ‘safe hardware removal’ of the USB drive from your PC to ensure that any delayed writes have finished.

10) Insert the USB drive into a USB port on the front of the router once more.

The firmware upgrade process should now begin. During the process, two or three of the LEDs on the front of the router will flash repeatedly to indicate that the files are being copied. After a few minutes, these LEDs should stop flashing, and most of the LEDs other than the original two or three on the front panel will flash repeatedly. This indicates that the upgrade process is complete, i.e. that the autoexec.bat file has finished with no errors.

11) Remove the USB drive from the router’s USB port.

12) Power cycle the router.

Please note, if the LEDs did not flash as expected, this could indicate a problem with the upgrade. In this case please do NOT reboot the router, instead connect to the router and determine if there is a problem by issuing the “scan” and “dir” commands.

13) Once the router has restarted, enter the following CLI command: ati5<enter>

The CLI will return a lot of information about the router.The second and third lines will show the firmware image and bootloader version numbers. This can be used to verify that the upgrade process has been successful – for example:

ati5
Digi TransPort WR44-U4T1-WE1-XX Ser#:160601 HW Revision: 7902a
Software Build Ver5162. Aug 13 2012 05:12:25 SW
ARM Bios Ver 6.75 v39 400MHz B512-M512-F80-O0,0 MAC:00042d027359
Power Up Profile: 0

Permalink


This article explains how to upgrade the firmware on a Digi TransPort or Sarian router using Flashwriter via your Ethernet port.

If you need to upgrade your firmware using Flashwriter via the serial port, please see this article: How to upgrade the firmware on a Digi TransPort router using Flashwriter – Serial Procedure

Please note that upgrading the firmware using Flashwriter will erase any existing configuration files on the router.

1) Download and install Flashwriter.

2) Obtain the latest Flashwriter firmware zip file, which can be found at one of the following links depending on your model:

Digi TransPort Flashwriter files

Sarian Flashwriter files

It is very important that the correct firmware file is used for the model number being upgraded. If you attempt to load firmware designed for one model onto a different model the router may cease to function and will be difficult to recover.

Note that there is at least one variation of firmware dependent on the module.  To determine which module module you have, please see the following article: How to Determine which module to select in the Flashwriter Procedure.   This article will also come into play on step 14 of this procedure.

To locate the correct firmware for your model, after clicking on a link above, select the subdirectory containing the version you wish to download (the newest version is recommended) then the subdirectory relating to your model. Select the zip file to download it. The format of the file name is as follows:

<model name>-<firmware version>.zip

As an example, the file called WR44-5162.zip is firmware for the WR44 model and is firmware version 5.162.

3) Extract all of the files, from the downloaded zip archive, to a directory on your PC.

4) Close any other programs that are running on your PC.

5) Connect the LAN 0 port of the router to the local Ethernet network, unless the model appears in the list below, in which case please use the specified LAN port. If you are connecting the router to your PC ‘directly’ via Ethernet (i.e. not via a local network) please ensure that a (non-managed) switch is connected between the router and PC.

Model Port Number
VC7400 LAN 4
VC5100 LAN 1
MW3520 LAN 1

6) Run the Flashwriter program that was installed in step 1).

7) Select ‘Eth’ as the ‘Communications port number/Interface’ in Flashwriter, which is the last entry in the drop down list.

8) On the main Flashwriter screen, ensure that:
– The ‘Configure only’ check box is NOT ticked
– The ‘Use event driven mode’ check box IS ticked
– The ‘Use Xmodem 1K’ check box is NOT ticked
– The ‘Use TFTP’ check box IS ticked
User-added image

9) Click the ‘Load’ button.

10) Click ‘Yes’ when prompted with the warning message.

11) Enter the serial number of the router.  This is located on the label on the underside of your TransPort.  On the label, you will note a line that shows SN / HW Rev / Batch.  These correspond with the values to the right of those.  The SN stands for serial number.  This is the six digit number which is the value Flashwriter is looking for.
User-added image

Once you enter the serial number of the TransPort, click OK.
User-added image

12) A message will pop up, “Next enter the location of the .all file.  Click OK.

13) Enter the location of the ‘.all file’ that you extracted from the zip file earlier (step 3) and then click Open.

14) Select the W-WAN module that is in your TransPort.
Please see the following article on determining which module you have:How to Determine which module to select in the Flashwriter Procedure.
Click OK after selecting the module.
At this point the Flashwriter program will update your firmware.

If you have any issues, please note what, if any, error messages pop up.
If it does error out, please try to run the procedure once again.

Please note: The TFTP firmware load takes place via Ethernet. However, Flashwriter can establish initial contact with the router either via the serial port or via Ethernet. The Ethernet option is provided because it is more convenient, but please note that the Ethernet option does not work in all circumstances:

  • Some older products do not support Ethernet
  • Some older bootloaders do not support Ethernet
  • If the firmware on the unit is badly corrupted, Ethernet may not work

Some common issues:

  • Selecting a serial port when actually using an Ethernet cable
  • If there is a firewall in place, make sure it is not blocking port 69.
  • Bad or no Ethernet connection
  • Sometimes we see an error message and it’s something in the laptop or computer itself.  Maybe trying another PC or laptop will resolve the issue.
  • Ensure you are loading the correct firmware.
  • If you are connecting the router to your PC ‘directly’ via Ethernet (i.e. not via a local network) please ensure that a (non-managed) switch is connected between the router and PC.

Permalink


This article explains how to upgrade to firmware version 5.2.9.13 or later on a Digi TransPort or Sarian router using a USB flash drive.

There are two different methods available:

Method A is simpler, but will erase any existing configuration files on the router.

Method B is more complicated, but will allow any existing configuration files on the router to be retained.

Method A: Loading a complete flash memory image onto the router, in the form of a ‘.all file’

Please note: upgrading the firmware using a ‘.all file’ will erase any existing configuration files on the router.

1) Obtain the latest ‘.all file’, which can be found at one of the following links depending on your model:

Digi TransPort .all files

Sarian .all files

It is very important that the correct firmware file is used for the model number being upgraded. If you attempt to load firmware designed for one model onto a different model the router may cease to function and will be difficult to recover.

To locate the correct firmware for your model, after clicking on a link above, select the subdirectory containing the version you wish to download (the newest version is recommended) then the subdirectory relating to your model. Select the .all file to download it. The format of the file name is as follows:

<model name>-<firmware version>.all

As an example, the file called WR44-5162.all is firmware for the WR44 model and is firmware version 5.162.

2) Rename the .all file to adhere to the ‘8.3’ filename format that the router expects – i.e. a maximum of 8 characters before the ‘.’ plus a maximum of 3 characters for the extension. You can see that WR44-5162.all has 9 characters before the ‘.’ and so will not be recognised by the router’s file system. In this example WR44-5162.all is renamed to WR44.all – this step is important as most downloaded .all files will not by default adhere to the 8.3 filename convention.

3) Create a file named autoexec.bat and edit it in a text editor (for example Notepad in Windows) to contain the following lines. Lines in bold will always need to be present; the ‘copy’ line should be amended as appropriate to reflect the name of the renamed .all file being copied (although the destination filename should be always be ‘all.all’ so that the existing .all file on the router is replaced. It is important to include a blank line at the end of the file after ‘flashleds’. For the example file ‘WR44.all’:

ERROR_EXIT
copy u:WR44.all all.all
scanr
flashleds

< BLANK LINE>

4) Using your PC, format a USB flash drive. Note that this will erase all data on the USB drive. Not all USB drives work with Digi TransPort or Sarian routers. Older firmware supports only FAT16 formatted drives but newer firmware supports FAT32. NTFS is not supported.

5) Once formatting is complete, perform a ‘safe hardware removal’ of the USB drive from your PC to ensure that any delayed writes have finished.

6) Check that the TransPort router recognises it by inserting it into a USB port on the front of the router, then connect to the router’s CLI (command line interface) via one of the following methods:

a) A Telnet or SSH session to the router’s IP address
b) A terminal emulator session (for example using Hyperterminal or TeraTerm) to the router’s ASY (serial) port

Issue the following command:

dir u: <enter>

If the USB drive is recognised, the CLI should report its size and other parameters. Remove the USB drive from the router.

7) Insert the USB drive back into your PC, and copy the .all file and the autoexec.bat file into the root directory of the USB drive.

8) When the file copying has finished, perform a ‘safe hardware removal’ of the USB drive from your PC to ensure that any delayed writes have finished.

9) Insert the USB drive into a USB port on the front of the router once more.

The firmware upgrade process should now begin. During the process, two or three of the LEDs on the front of the router will flash repeatedly to indicate that the files are being copied. After a few minutes, these LEDs should stop flashing, and most of the LEDs other than the original two or three on the front panel will flash repeatedly. This indicates that the upgrade process is complete, i.e. that the autoexec.bat file has finished with no errors.

10) Remove the USB drive from the router’s USB port.

11) Power cycle the router.

Please note, if the LEDs did not flash as expected, this could indicate a problem with the upgrade. In this case please do NOT reboot the router, instead connect to the router and determine if there is a problem by issuing the “scan” and “dir” commands.

12) Once the router has restarted, enter the following CLI command: ati5<enter>

The CLI will return a lot of information about the router, and the second and third lines will show the firmware image and bootloader version numbers. This can be used to verify that the upgrade process has been successful – for example:

ati5
Digi TransPort WR44-U4T1-WE1-XX Ser#:160601 HW Revision: 7902a
Software Build Ver5162. Aug 13 2012 05:12:25 SW
ARM Bios Ver 6.75 v39 400MHz B512-M512-F80-O0,0 MAC:00042d027359
Power Up Profile: 0

Method B: Upgrading individual firmware files

Please note: this method should be used if any existing configuration on the router needs to be retained.

1) Obtain the latest firmware zip file, which can be found at one of the following links depending on your model:

Digi TransPort firmware files

Sarian firmware files

It is very important that the correct firmware file is used for the model number being upgraded. If you attempt to load firmware designed for one model onto a different model the router may cease to function and will be difficult to recover.

To locate the correct firmware for your model, after clicking on a link above, select the subdirectory containing the version you wish to download (the newest version is recommended) then the subdirectory relating to your model. Select the zip file to download it.

2) Extract all of the files, from the downloaded zip archive, to a directory on your PC.

3) On your PC, rename the following two files as follows:

Rename the image file (the main firmware image) to image.tmp
Rename the *.rom file (the bootloader) to sbios1 (with no extension)

4) Create a file named autoexec.bat and open it in a text editor (for example Notepad in Windows). Add some or all of the following lines – the lines shown in bold will always need to be present, but the other lines should be amended as appropriate so that all of the files from the original firmware zip file are copied to the router. It is important to include a blank line at the end of the file after ‘flashleds’. For the example firmware version referred to, the autoexec file needs to contain the following lines:

ERROR_EXIT
del *.web
copy u:image.tmp image.tmp
copy u:sbios1 sbios1

copy u:logcodes.txt logcodes.txt
copy u:wr11.web wr11.web
copy u:python.zip python.zip
copy u:wizards.zip wizards.zip
del image
ren image.tmp image
copy image image4
move sbios1 sbios
scanr
flashleds

< BLANK LINE>

5) Using your PC, format a USB flash drive. Note that this will erase all data on the USB drive. Not all USB drives work with Digi TransPort or Sarian routers. Older firmware supports only FAT16 formatted drives but newer firmware supports FAT32. NTFS is not supported.

6) Once formatting is complete, perform a ‘safe hardware removal’ of the USB drive from your PC to ensure that any delayed writes have finished.

7) Check that the TransPort router recognises it by inserting it into a USB port on the front of the router, then connect to the router’s CLI (command line interface) via one of the following methods:

a) A Telnet or SSH session to the router’s IP address
b) A terminal emulator session (for example using Hyperterminal or TeraTerm) to the router’s ASY (serial) port

Issue the following command:

dir u: <enter>

If the USB drive is recognised, the CLI should report its size and other parameters. Remove the USB drive from the router.

8) Insert the USB drive back into your PC, and copy all of the firmware upgrade files into the root directory of the USB drive. The files should include all those from the original firmware zip file (with the image and bootloader files renamed as above) plus the autoexec.bat file.

9) When the file copying has finished, perform a ‘safe hardware removal’ of the USB drive from your PC to ensure that any delayed writes have finished.

10) Insert the USB drive into a USB port on the front of the router once more.

The firmware upgrade process should now begin. During the process, two or three of the LEDs on the front of the router will flash repeatedly to indicate that the files are being copied. After a few minutes, these LEDs should stop flashing, and most of the LEDs other than the original two or three on the front panel will flash repeatedly. This indicates that the upgrade process is complete, i.e. that the autoexec.bat file has finished with no errors.

11) Remove the USB drive from the router’s USB port.

12) Power cycle the router.

Please note, if the LEDs did not flash as expected, this could indicate a problem with the upgrade. In this case please do NOT reboot the router, instead connect to the router and determine if there is a problem by issuing the “scan” and “dir” commands.

13) Once the router has restarted, enter the following CLI command: ati5<enter>

The CLI will return a lot of information about the router.The second and third lines will show the firmware image and bootloader version numbers. This can be used to verify that the upgrade process has been successful – for example:

ati5
Digi TransPort WR44-U4T1-WE1-XX Ser#:160601 HW Revision: 7902a
Software Build Ver5162. Aug 13 2012 05:12:25 SW
ARM Bios Ver 6.75 v39 400MHz B512-M512-F80-O0,0 MAC:00042d027359
Power Up Profile: 0

Permalink


The debug.txt file is useful for troubleshooting a variety of issues with Digi TransPort and Sarian branded routers.  There are a several methods available for extracting the debug.txt file, below are some common examples.

FTP Client

Using an FTP client, such as, Filezilla make an FTP connection to the router and “drag” the debug.txt file to
the PC.

FTP Using Firefox

Using Firefox, make an FTP connection to the router by typing the IP address of the router prefixed with: ftp://

For example: ftp://10.1.208.1

Enter the login details for the router and click “OK


Right click the “debug.txt” file then “Save Link AS”

FTP Using Internet Explorer

From Internet Explorer, make an FTP connection to the router by typing the IP address of the router prefixed with: ftp://

For example: ftp://10.1.208.1

Enter the login details for the router and click “OK”

Right click the debug.txt file then “Save target As”

HTTP (Web Browser) Method

Browse to the router’s IP address, login using an administrative username and password.
Then navigate to:

Administration – File Management > FLASH Directory

Right click on “debug.txt” and click “Save Target As”

NOTE: In other browsers the menu may be slightly different, for example with Firefox uses
“Save Link As”

Using “Execute A Command” Method

Browse to the router’s IP address, login using an administrative username and password.
Then navigate to:

Administration – Execute a command


And enter the following command:

type debug.txt

Click “Execute”

Using Microsoft Windows Telnet

NOTE: The debug.txt file is quite large so it may be necessary to increase the scroll back buffer in
telnet to make it large enough to capture the full file.

Click on the C:\ icon and select “Properties”.  Next click “Layout” and set the Screen Buffer Size Height to its maximum.  Click “OK”

Next, Telnet to the router’s IP address:

Enter the username and password when prompted.  Once connected issue the command:  “type debug.txt

There will be a large amount of output scrolling on the screen which may take several seconds.  The command is complete once [ENDCFG] is seen.

To copy the file, right-click on the page and select “Mark” from the drop-down menu:

Select the contents by right-clicking on the page and selecting “Select All” from the drop-down menu:

Copy the contents, by right-clicking and selecting “Copy”:

Open up “Notepad” and select “Paste” and save the contents.

Permalink


This Knowledge Article will describe how to configure a Digi TransPort router to failover between 2 IPsec tunnels and recover automatically.

Configure IPsec Tunnel 0

Open the web interface of the device and navigate to Configuration – Network > Virtual Private Networking (VPN) > IPsec > IPsec Tunnels > IPsec 0

Configure the primary IPsec tunnel Phase 2 like desired. For example  :

Note : for more information on how to build an IPsec tunnel between two Digi TransPort routers, please see at the end of this article for a link to an Application Note

ipsec 0 phase 2

Makes sure that the tunnel is set to “Whenever a route to the destination is available” and if the tunnel is down and a packet is ready to be sent to “bring the tunnel up

tunnel up config

Repeat these steps for the second IPsec tunnel.

Configure IPsec Tunnel 0 out of service

Navigate to Configuration – Network > Virtual Private Networking (VPN) > IPsec > IPsec Tunnels > IPsec 0 > Advanced

Check the box “Go out of service if automatic establishment fails

out of service

Click Apply and Save Configuration.

Configure IPsec Tunnel 1 inhibit

Navigate to Configuration – Network > Virtual Private Networking (VPN) > IPsec > IPsec Tunnels > IPsec 1 > Advanced

Under “Inhibit this IPsec tunnel when IPsec tunnels” enter 0

tunnel 1 inhibit

This option will prevent IPsec Tunnel 1 to be built if IPsec Tunnel 0 is established.

Verify failover

You can verify that the failover is happening and the second is started as soon as the first IPsec tunnel is set out of service in the eventlog :

08:55:08, 31 Oct 2014,Eroute 1 VPN up peer: responder
08:55:08, 31 Oct 2014,New IPSec SA created by responder
08:55:08, 31 Oct 2014,(1778) IKE Notification: Initial Contact,RX
08:55:08, 31 Oct 2014,(1779) IKE Notification: Responder Lifetime,RX
08:55:08, 31 Oct 2014,(1778) New Phase 2 IKE Session  37.83.216.184,Initiator
08:55:08, 31 Oct 2014,(1776) IKE Keys Negotiated. Peer: responder
08:55:07, 31 Oct 2014,(1760) IKE SA Removed. Peer: responder,Dead Peer Detected
08:55:07, 31 Oct 2014,(1776) New Phase 1 IKE Session 37.83.216.184,Initiator
08:55:07, 31 Oct 2014,IKE Request Received From Eroute 1
08:55:07, 31 Oct 2014,(1775) New Phase 1 IKE Session  90.121.123.244,Initiator
08:55:07, 31 Oct 2014,IKE Request Received From Eroute 0
08:55:07, 31 Oct 2014,Eroute 0 Out Of Service,No SAs
08:55:07, 31 Oct 2014,Eroute 0 VPN down peer: responder
08:55:07, 31 Oct 2014,IPSec SA Deleted ID responder,Dead Peer Detected

The device will however keep trying to build the IPsec tunnel 0 in the background until the remote peer comes back online/is available. At which point, the IPsec tunnel 1 will be dropped down due to the inhibit configuration.

08:59:07, 31 Oct 2014,(1789) IKE SA Removed. Peer: responder,Successful Negotiation
08:58:38, 31 Oct 2014,Eroute 1 VPN down peer: responder
08:58:38, 31 Oct 2014,IPSec SA Deleted ID responder,Eroute inhibited
08:58:38, 31 Oct 2014,Eroute 0 Available,No SAs
08:58:38, 31 Oct 2014,Eroute 0 VPN up peer: responder
08:58:38, 31 Oct 2014,New IPSec SA created by responder
08:58:38, 31 Oct 2014,(1789) IKE Notification: Initial Contact,RX
08:58:38, 31 Oct 2014,(1790) IKE Notification: Responder Lifetime,RX
08:58:38, 31 Oct 2014,(1789) New Phase 2 IKE Session 90.121.123.244,Initiator
08:58:38, 31 Oct 2014,(1788) IKE Keys Negotiated. Peer: responder
08:58:37, 31 Oct 2014,(1788) New Phase 1 IKE Session 90.121.123.244,Initiator
08:58:37, 31 Oct 2014,IKE Request Received From Eroute 0
08:58:37, 31 Oct 2014,(1787) IKE SA Removed. Peer: ,Negotiation Failure
08:58:37, 31 Oct 2014,(1787) IKE Negotiation Failed. Peer: ,Retries Exceeded
08:58:27, 31 Oct 2014,IKE Request Received From Eroute 0
08:58:17, 31 Oct 2014,IKE Request Received From Eroute 0

You can find a more in depth Application Note on how to build an IPsec tunnel between two Digi TransPort routers using Pre-Shared key like in our example at the following link :

http://ftp1.digi.com/support/documentation/AN_010_IPSec_Over_Cellular_using_Digi_Transport_Routers.pdf

Permalink


There are five main methods by which new firmware can be loaded onto Digi TransPort or Sarian routers: Digi Device Cloud (DC), Web interface, FlashWriter, S/FTP and USB flash drive.

Note that, because of changes in the firmware, the procedure for loading firmware has changed for the S/FTP and USB flash drive procedures beginning at firmware version 5.2.9.13.  Please note the different procedures when using these methods.

1. Digi Device Cloud / Remote Manager 2.0

After setting up your account on DC and configuring your TransPort to connect to DC, log into your DC account and add the TransPort if it is not already added. You will need to download the correct firmware to your PC. The “FTP” version of the firmware file is needed. (See the Web interface method in #2.) Right-click on the TransPort and select Firmware, then Update Firmware. Select Browse and navigate to the firmware file. Select the Update Firmware button. Wait while the process is completed.
Scheduled firmware updates using DC. In DC go to Schedules. Click on New Schedule. On the Device tab there is the option for Gateway Firmware Update. Click on it. Now a window will pop up with a ‘Browse’ to button. Click on it and browse to where you have the file saved on your desktop. You’ll also need to give a ‘Description’ to the operation before you can proceed. The Description field is at the top of the New Schedule window in yellow.

Then hit the Schedule button in the lower right hand corner. A new window will pop up showing you all the devices in your account. Pick which ones you want the firmware to be loaded too and on the left hand side pick the Future option and then the time/date you want it to happen.

That’s it. You can monitor the progress of the operation in the Operations window right next to the Schedules window. You have to keep hitting the refresh button to update though. If you’ve chosen multiple units to upload then double click on the operation and you’ll see which units completed and which ones, if any, failed.

2. Web interface method

The Web interface method of upgrading firmware can be used locally or remotely. It is available only in Digi TransPort firmware versions 5.149 and later. The method involves clicking the “Update Firmware” option in the Web interface, browsing to a local or remote zip file containing the firmware, then clicking the “Update” button to start the automated update process. Only individual firmware files are replaced during the upgrade, so when a unit is upgraded via the Web interface method its current saved configuration will be retained.
How to upgrade the firmware on a Digi TransPort router using the Web interface

3. FlashWriter method

The FlashWriter method of upgrading firmware can be used only locally, i.e. a serial and/or Ethernet connection between your PC and the router to be upgraded is required. With the FlashWriter method the entire system flash will be overwritten, which means that any configuration will be lost.
How to upgrade the firmware on a Digi TransPort router using Flashwriter – Serial Procedure
How to upgrade the firmware on a Digi TransPort router using Flashwriter – Ethernet Method

4. S/FTP method

The SFTP or FTP method of upgrading firmware can be used locally or remotely. A little more background knowledge is required in order to use the S/FTP method. It is assumed that the user is familiar with the operation of S/FTP client software and Telnet or SSH client software. Only individual firmware files are replaced during the upgrade, so when a unit is upgraded via S/FTP its current saved configuration will be retained.
How to upgrade the firmware on a Digi TransPort router using FTP to a firmware version earlier than 5.2.9.13
How to upgrade the firmware on a Digi TransPort router using FTP to firmware version 5.2.9.13 or later

5. USB flash drive method

The USB flash drive method of upgrading firmware can be used only locally. The USB flash drive method is especially useful for upgrading routers during a site visit. Once the USB drive is configured the update process involves simply inserting the USB drive into the front of the router, waiting for a few minutes for a flashing LED sequence to indicate that the upgrade is complete, removing the USB drive then rebooting the router (for example by power-cycling it). There are two methods of upgrading firmware with a USB flash drive:

Method A) Loading a complete flash memory image onto the router, in the form of a ‘.all file’ – this is similar to the FlashWriter method, in that the entire system flash will be overwritten and any existing configuration will be lost.

Method B) Upgrading individual firmware files – this is similar to the FTP or Web interface methods, in that since only individual firmware files are updated, any current saved configuration will be retained.
How to upgrade the firmware on a Digi TransPort router using a USB flash drive to a firmware version earlier than 5.2.9.13
How to upgrade the firmware on a Digi TransPort router using a USB flash drive to firmware version 5.2.9.13 or later

Permalink


When using a Digi TransPort Router with a Public SIM card, the issue of reaching this device by it’s IP address happens as most/all providers will dynamically assign IP addresses that will change at every connection / reconnection.

To overcome this problem, it is possible to use a Dynamic DNS host configured in the router. The Router will update the service provider with it’s current IP Address and / or any IP Address changes. This will allow the device to be reached without knowing it’s currently assigned IP Address

Digi TransPort Routers currently supports 3 service providers type :
– DynDNS.org
– No-IP.org
– Other

In this example, No-IP.org will be used as they allow registration of free Dynamic DNS hosts.

Before you can successfully register the IP address of your router with a service provider, you must create an account on their web site. In this example, no-ip will be used.

1- Sign-UP for a Free Account on No-IP

Go to https://www.noip.com/sign-up and sign-up for a free DDNS Account. When registering, the “hostname” will be the name used to reach your device, for example: “digitesteu.ddns.net

User-added image

2- Configure Digi TransPort DDNS settings

Open a web browser to the IP Address of the Digi TransPort Routers and navigate to Configuration – Network > Dynamic DNS

– Select the Service Provider, in this example: No-IP
– Enter the Host and Domain Name previously chosen during registration at the service provider, in this example: digitesteu.ddns.net
– Destination port can be left to 0. This will by default use HTTP port 80.
– DynDNS User Name is the username chosen during registration.
– DynDNS Password and Confirm Password is the password chosen during registration
– When is which interface to use to send DDNS updates. By default, use default route.

Click Apply and Save Configuration

User-added image

3- Verify DDNS update

3.1 – On Digi TransPort Router

Navigate to Management > Event Log. A line should show the DynDNS update success :

12:47:01, 10 Mar 2015,DynDNS 0 host 0 updated: good 90.121.121.151

3.2 – On No-IP.org website

Navigate to https://www.noip.com/members/dns/ and login with the previously created account credentials.

Under Manage Hosts, the domain name should be displayed with the current Digi TransPort’s Routers IP.

User-added image

4- Test Connection

Now that the DDNS update is done, open a web browser to the selected domain name (in this example : digitesteu.ddns.net). The Web interface of the Digi TransPort Router should be displayed

User-added image

Permalink


Gobi 2000/3000 Sprint Provisioning
Overview
This document is intended for Gobi Transport units over the Sprint network.  The purpose is to quickly walk you through running the Gobi Carrier Wizard, how to provision the device for Sprint networks.  It also highlights items to look at and how to test the unit.

Assumptions
This guide assumes that you have a PC that is able to reach the TransPort through the Ethernet interface to gain access to the WebUI for configuration purposes.

Information You Might Need
If possible, please try to gather the following information from Sprint as it might be necessary for possible issues:
MSL – Master Subsidiary Lock is required to allow the PTN and the MSID to be programmed
PTN – The phone number, which should contain 10 digits
MSID – The Mobile Station Identity or MIN, again 10 digits

Running the Gobi Carrier Wizard
The first thing that will need to do be done is run the Gobi Carrier Wizard to enable the device for Sprint. The following steps will guide you through this process:

1) Log into the WebUI through the Ethernet interface. (Default IP address is 192.168.1.1)

2) Once in the WebUI, click on Wizards on the upper-left hand side, as shown in the screenshot below:
User-added image

3) Click on the GOBI Carrier Wizard, and then click Next, as shown in the screenshot below:
User-added image
4) Choose Sprint, and click Next, as shown below:
User-added image

5) On the next page, you will see a line that says “Save configuration changes here”, with the “here” being blue in color and underlined. Click the ‘here’ link and then click Save on the next screen. Reboot the device after saving.

6) After the device reboots, log back into the WebUI.

7) Navigate to Configuration > Network > Interfaces > Mobile > CDMA Provisioning.

8) Under the section titled Automatic Provisioning, click the Start button. DO NOT fill in any of the 3 parameters unless told to by Digi.  DO NOT fill out anything under Manual Provisioning.
User-added image

9) This process will take ~2 minutes to complete. Once the process completes, a message at the top of the page will indicate if it has either been successful or failed to provision. If successful, click the Reboot link and reboot the device.  If failed, try provisioning again.  Please email Digi Technical Support with the debug.txt file (please see “When contacting Digi Technical Support” below) if the failure continues.

Once the unit is provisioned, it could take another minute or so before it establishes an IP address.

Indicators, WebUI

LED Displays

For the WR41 & WR44
W-WAN NET
Will illuminate steady if the unit is able to log on to the Sprint mobile network.

W-WAN SIM
This LED should not light up since you do not a SIM for a Sprint account.

W-WAN DAT
Represents data passing to and from the network.

Signal Strength
Here is a guide for the signal strength:

  • -113 dBm or less (0 LED) -> effectively no signal
  • -112 dBm to –87 dBm (1 LED) -> weak signal
  • -86 dBm to –71 dBm (2 LEDs) -> medium strength signal
  • -70 dBm or greater (3 LEDs) -> strong signal

The minimum recommended strength indication is 2 LEDs. If you have no or 1 LEDs lit, it is recommended that you fit an external antenna to the unit.

For the WR21
Service
Illuminates steady when there is a network connection to the WWAN interface and flashes when data is transmitted or received.

WWAN
Flashes to show which network mode the unit is operating in:
Off – no service
1 blink – GPRS mode
2 blinks – EDGE mode
3 blinks – UMTS mode
4 blinks – HSDPA mode
5 blinks – HSUPA mode
On steady – CDMA mode

Strength
Here is a guide for the signal strength:

  • -113 dBm or less (0 LED) -> effectively no signal
  • -112 dBm to –87 dBm (1 LED) -> weak signal
  • -86 dBm to –71 dBm (2 LEDs) -> medium strength signal
  • -70 dBm or greater (3 LEDs) -> strong signal

The minimum recommended strength indication is 2 LEDs. If you have no or 1 LEDs lit, it is recommended that you fit an external antenna to the unit.

WebUI

Locating the Mobile IP Address
On the Home page, you should see the Mobile IP address under PPP1 (W-WAN (CDMA)).

NOTE: If you get an IP address of 120.x.x.x, this is a false mobile IP address.  Please see the Troubleshooting section of this document.
User-added image

Under Management > Network Status > Interfaces > Mobile
User-added image

NOTE:  Use the above screenshot as a reference for the below information.

Mobile Connection  

Registration Status
This is the registration status of the mobile module with respect to the cellular network.
Ideally, it will show up as registered.

Signal Strength
The signal strength in dBm being received by the mobile module.
Here is a guide for the signal strength:

  • -113 dBm or less (0 LED) -> effectively no signal
  • -112 dBm to –87 dBm (1 LED) -> weak signal
  • -86 dBm to –71 dBm (2 LEDs) -> medium strength signal
  • -70 dBm or greater (3 LEDs) -> strong signal

The minimum recommended strength indication is 2 LEDs. If you have no or 1 LEDs lit, it is recommended that you fit a high-gain external antenna to the unit.

Mobile Statistics
IP Address
The IP address of the mobile interface.

Primary DNS Address / Secondary DNS Address
The primary and secondary DNS addresses used by the mobile interface

Data Received
The number of data bytes that have been received on the mobile interface whilst it has been connected.

Data Sent
The number of data bytes that have been sent on the mobile interface whilst it has been connected.

Mobile Information  
Current system ID
The current system ID reported by the mobile module.

Current network ID
The current network ID reported by the mobile module.

Network
The current network reported by the mobile module.

Signal strength 1xRTT
The signal strength in dBm being received by the mobile module from 1xRTT networks.

Signal strength EVDO
The signal strength in dBm being received by the mobile module from EVDO networks.

Manufacturer
The manufacturer of the mobile module.  For a Gobi module, you should see either Huawei Incorporated or Qualcomm Incorporated.

Model
The model of the mobile module.  Examples for the Gobi would be Huawei EM680, Qualcomm Gobi 2000, Qualcomm Gobi 3000.

MDN
The Mobile Directory Number (MDN) of the mobile module.

MIN
The Mobile Identification Number (MIN) of the mobile module.

ESN
The Electronic Serial Number (ESN) of the mobile module.

MEID
The Mobile Equipment Identifier (MEID) of the mobile module.

Firmware
The firmware running on mobile module.

Bootcode
The bootcode firmware running on the mobile module.

Hardware version
The hardware version of the mobile module.

Registration State
See Registration Status.

Roaming status
The current roaming status of the mobile module.

Service capabilities
EVDO, CDMA 1x, or both

Radio band
1900 MHz for Sprint.

Channel
The transmission channel in use.  25 for Sprint.

Preferred system
Specifies what you configured it for: CDMA, EVDO, or Auto.  You can set this under Configuration > Network > Interfaces > Mobile > Advanced.

PRL version
The version of the Preferred Roaming List (PRL) loaded on the mobile module.

Activation status
The activation state of the mobile module. It can be of the following:

  • 0 – Not activated
  • 1 – Activated

Raising and Lowering the Cellular Link
Under Management > Connections > PPP Connections > PPP 1 – W-WAN, you should see the Mobile IP Address, the Primary and Secondary DNS Address, as well as buttons to Drop or Raise the link.
NOTE: If you get an IP address of 120.x.x.x, this is a false mobile IP address.  Please see the Troubleshooting section of this document.
User-added image

Locating the Event Log

Under Management > Event Log
This page displays the current contents of the event log on the router.  This log records events throughout the Digi device’s system including cellular information.  Some of this cellular information you might see would be status codes, error codes, signal strengths, tower locations, & service available.
Note: The newest information is on top of this file.

Testing
Once you have set up the mobile settings on your unit and you see a mobile IP address, there are a couple of quick tests you can do to ensure your device is working.

Ping test

Unfortunately, you cannot do a ping test on the Sprint Network.  Sprint blocks this port (please see Sprint EVDO Blocked Ports under Troubleshooting, below).

Accessing the Internet

If you have a laptop or computer directly connected to your Transport, you can try opening a browser and accessing the Internet (for example ‘http://www.digi.com’).

NOTE: In order for this step to be a valid test, you must ensure you do not have another source to the Internet, such as being connected to your company’s network either via Ethernet or over Wi-Fi.

If this fails, please email Digi Technical Support with the debug.txt file (please see “When contacting Digi Technical Support” below).

Access the Transport Remotely

With Sprint as a cellular provider, they block certain ports.  A complete list of these blocked ports may be found in the Troubleshooting section below.  One of those ports is port 80, which is HTTP, which is the protocol normally used to access the Internet. With Sprint blocking this port, a user will no longer be able to remote into the Transport by simply entering the address (i.e. http://x.x.x.x where the x’s are representing the mobile IP address of the Transport).  Locally, the user will still have access to it using the local IP address.

In order to resolve the issue of getting into the Transport using the mobile IP address, there are two methods.

  1. With the Transport, there are two services for entering the Web GUI, HTTP or HTTPS.  Sprint blocks port 80, which is HTTP, but they do not block port 443, which is HTTPS.  To change to HTTPS, go to Configuration > Network > Network Services, then click the “Enable Secure Web Server” button.  You will then click the Apply button and then the Save.  Then click the Save All button.  Note that you will lose your connection.  At this point, in order to access either remotely or locally, you will need to specify “https” (i.e. https://x.x.x.x where the x’s are representing your local or remote address of the Transport).
  2. The HTTP service, in the Transport, besides the normal port 80, also accepts port 8080.  This means that you can keep the default settings and then enter the unit remotely specifying port 8080 (i.e. http://x.x.x.x:8080 where the x’s are representing the mobile IP address of the transport).  Note that locally you may still enter the WebUI of the Transport as you normally would (http://x.x.x.x where the x’s are representing the local IP address of the Transport).  To change to HTTP (which is the default setting), go to Configuration > Network > Network Services, then click the “Enable Web Server” button.  You will then click the Apply button and then the Save.  Then click the Save All button.

If you have a mobile terminated account, you should be able to access the Transport remotely.  Find a laptop or PC that has Internet access (outside of the Transport), open a browser, and specify, using https, the mobile IP address of the Transport (i.e. https://166.55.x.x).

If this fails, please verify that you have Web Server enabled (Configuration > Network > Network Services).  Having IP Forwarding (Configuration > Network > IP Routing/Forwarding > IP Port Forwarding/Static NAT Mapping) or IP Passthrough (Configuration > Network > IP Passthrough) enabled could affect these results as well.  Otherwise, if you cannot access your Transport remotely, the issue could be that you have a mobile originated account or a private account.  You should check this with your provider.

Mobile Originated vs. Mobile Terminated

Mobile Origination – Allows for outbound data to pass through the Digi and receive responses from the data request, but it does not allow for data originating from the Internet to pass through the Digi or to devices beyond it.

Mobile Termination – Allows for 2-way communication of data, where data from the Internet can reach the Digi and beyond, and data from the Digi can go to the Internet.

Troubleshooting
Ensure you are on the latest firmware
Updating your firmware may resolve your issue as well as enhancements to both your Transport and traces for troubleshooting.

  1. To check your firmware, go to Administration > System Information and note your Firmware Version
  2. Compare the firmware version to our latest release by going to www.digi.com > Support > Firmware Updates.
  3. Enter your Transport Model (i.e. WR21) in the field and then click on your particular model.
  4. It should bring you to a page for your product.  Choose the fimrware for the type of upgrade you will performing, either via FTP (WebUI) or FlashWriter, from the options on the page and save the file to your PC.
  5. Please follow “TransPort Firmware Upgrade Instructions” that is available under the General Firmware page listed above.

False Mobile IP Address Sprint units
120.x.x.x – If you see an IP address in the 120.x.x.x network for your mobile IP address, you should note that this is a false IP address.  Please attempt to re-provision your Transport.  If you still receive a false IP address, please provide the debug.txt file to Tech Support (please see “When contacting Digi Technical Support” below).  You may also need to contact Sprint, as well.

Sprint EVDO Blocked Ports
80/tcp filtered http
113/tcp filtered auth
135/tcp filtered msrpc
137/tcp filtered netbios-ns
138/tcp filtered netbios-dgm
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
559/tcp filtered teedtap
901/tcp filtered samba-swat
1022/tcp filtered unknown
1023/tcp filtered netvenuechat
1025/tcp filtered NFS-or-IIS
1433/tcp filtered ms-sql-s
3128/tcp filtered squid-http
3306/tcp filtered mysql
4000/tcp filtered remoteanything
4899/tcp filtered radmin
5000/tcp filtered UPnP
17300/tcp filtered kuang2
27374/tcp filtered subseven

Permalink


1)  Log into the WebUI, and navigate to Configuration – Network > IP Routing/Forwarding > IP Port Forwarding/Static NAT Mappings.

NOTE:  Use the below screenshot as a reference for steps 2-5

User-added image

2)  Fill in the Minimum and Maximum TCP/UDP ports the TransPort should listen on.  These can be the same port if only 1 port is being passed through, or a range of multiple ports if those are needed to pass through.

3)  Fill in the IP address of the LAN device the connection needs to get to.

4)  Fill in the TCP/UDP port of the LAN device the connection needs to get to.  Click Add when finished.

5)  Click Apply and Save the settings.

NOTE:  A reboot may be necessary at this point in time for the rules to take effect.

6)  Navigate to Configuration – Network > Interfaces > Mobile.

7)  Expand Mobile Settings, and change the NAT option to IP address and Port as shown in the screenshot below:

User-added image

8)  Click Apply and Save the changes.

Permalink


For most model TransPorts, the PPP 1 interface is the default cellular WAN interface.  If needed, an Ethernet interface may be used instead for WAN connectivity, for example, to connect to a separate non-cellular modem via Ethernet for Internet access.

Generally, all that needs to be done for this to work is to change the Interface of the Default Route to the Ethernet port and to enable NAT on the Ethernet WAN port.

To change the Interface of the Default Route to the Ethernet port, from the TransPort’s web interface, navigate to Configuration – Network > IP Routing/Forwarding > Static Routes > Default Route 0, and then change the “Default Route 0” Interface from PPP 1 (or whatever it currently is) to the appropriate Ethernet port, for example Ethernet 0.

For the vast majority of applications, enable NAT on the Ethernet WAN port.  In this “Ethernet as a WAN” scenario, NAT should only be disabled on the Ethernet WAN port in certain circumstances, for example, when using a private APN (and even then it may still need to be enabled).  To enable NAT on the Ethernet WAN port from the TransPort’s web interface, navigate to Configuration – Network > Interfaces > Ethernet > ETH x* > Advanced, and then check “Enable NAT on this interface”.  *Select the appropriate Ethernet port that’s being used for WAN (usually Eth 0 but not always).  Optionally check the option to enable NAT for “IP address and Port” instead of just “IP address” to avoid any potential Port Forwarding issues in the future.

Notes:

  • If the TransPort has multiple Ethernet ports, consider either enabling Port Isolate mode or utilizing Hub Groups.  Using an Ethernet port as the WAN interface will work without enabling Port Isolate mode or utilizing Hub Groups, but there are considerations.  If using the default Hub Mode instead of Port Isolate mode, traffic will route out of a single Ethernet port, for example Eth 0, and respond on that same port.
    • To enable Port Isolate mode from the TransPort’s web interface, navigate to Configuration – Network > Interfaces > Ethernet > ETH 0 > Advanced, and then click the “Switch to Port Isolate mode” button, unless the device is already in Port Isolate mode.
    • A Hub Group can alternatively be utilized by putting the WAN Ethernet port (Eth 0 for example) in a Hub Group that’s separate than the other ports.
    • For more information about Hub Mode vs. Port Isolate mode, and Hub Groups, please review the TransPort User Guide:  http://ftp1.digi.com/support/documentation/90001019.pdf
  • Be sure the TransPort’s Ethernet IPv4 port settings are configured correctly, to match the Ethernet-attached device.
  • Be sure to Apply any configuration changes, save the configuration, and then Reboot the TransPort.
  • WAN failover between Ethernet and Cellular may also be desired.  Please reference Quick Note 53 for information on this type of failover scenario.

Permalink


Digi TransPort RJ45 Serial Port to Cisco RJ45 Console Port – Cable Pinout

TransPort                            Cisco
Pin 1 – RTS                         Pin 1 – RTS
Pin 2 – DTR                         Pin 2 – DTR
Pin 6 – Tx                            Pin 3 – Tx
Pin 7 – DCD                        Pin 4 – DCD
Pin 5 – GND                        Pin 5 – GND
Pin 3 – Rx                            Pin 6 – Rx
Pin 4 – N/A                          Pin 7 – DSR
Pin 8 – CTS                         Pin 8 – CTS

Permalink


1)  Insert SIM card into a SIM slot 1.

2)  Power up Digi TransPort.

3)  Open a web browser and connect to Digi TransPort using the default IP address of 192.168.1.1.

4)  Once you are logged into the web interface, select Wizards under the home page, and then select radio button for Carrier Switching Wizard, as shown in the screenshot below:

User-added image

5)  Select AT&T on the next screen and then click next:

User-added image

NOTE:  The carrier firmware download may take few minutes to fully complete.  Do not navigate away from the screen while the firmware download is in progress

6)  Once the firmware download completes, navigate to Configuration – Network > Interfaces > Mobile > Mobile Settings, and locate the section titled Service Plan/APN.  In this field, enter in the APN provided by the carrier, as shown below:

User-added image

7)  Click on the Apply button and then Save the changes to flash.

NOTE:  It might take few minutes for device to get an IP address from the carrier when activating the device for the first time.  The Mobile IP address should appear under the Cellular section on the home page once obtained, and the Link/Service LED should go solid on the device:

User-added image

Permalink


← FAQs