Microhard Systemcs INC

BulletPlusAC CAT9

Model: BulletPlusAC-CAT9
600Mbps CAT9 LTE Advanced Carrier Aggregation /w 802.11ac

Document: BulletPlusAC.Manual.v1.0.0.pdf
FW: v1.5.0 Build 1007-35

150 Country Hills Landing NW

Calgary, Alberta
Canada T3K 5P3

Phone: (403) 248-0028

Toll Free: 1-855-353-0028
www.microhardcorp.com
Important User Information

Warranty
Microhard Systems Inc. warrants that each product will be free of defects in material and workmanship for a
period of one (1) year for its products. The warranty commences on the date the product is shipped by Micro-
hard Systems Inc. Microhard Systems Inc.’s sole liability and responsibility under this warranty is to repair or
replace any product which is returned to it by the Buyer and which Microhard Systems Inc. determines does
not conform to the warranty. Product returned to Microhard Systems Inc. for warranty service will be shipped
to Microhard Systems Inc. at Buyer’s expense and will be returned to Buyer at Microhard Systems Inc.’s ex-
pense. In no event shall Microhard Systems Inc. be responsible under this warranty for any defect which is
caused by negligence, misuse or mistreatment of a product or for any unit which has been altered or modified
in any way. The warranty of replacement shall terminate with the warranty of the product.
Warranty Disclaims
Microhard Systems Inc. makes no warranties of any nature of kind, expressed or implied, with respect to the
hardware, software, and/or products and hereby disclaims any and all such warranties, including but not lim-
ited to warranty of non-infringement, implied warranties of merchantability for a particular purpose, any inter-
ruption or loss of the hardware, software, and/or product, any delay in providing the hardware, software, and/
or product or correcting any defect in the hardware, software, and/or product, or any other warranty. The Pur-
chaser represents and warrants that Microhard Systems Inc. has not made any such warranties to the Pur-
chaser or its agents MICROHARD SYSTEMS INC. EXPRESS WARRANTY TO BUYER CONSTITUTES MICROHARD
SYSTEMS INC. SOLE LIABILITY AND THE BUYER’S SOLE REMEDIES. EXCEPT AS THUS PROVIDED, MICROHARD
SYSTEMS INC. DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTY OF MER-
CHANTABILITY OR FITNESS FOR A PARTICULAR PROMISE.
MICROHARD SYSTEMS INC. PRODUCTS ARE NOT DESIGNED OR INTENDED TO BE USED IN
ANY LIFE SUPPORT RELATED DEVICE OR SYSTEM RELATED FUNCTIONS NOR AS PART OF
ANY OTHER CRITICAL SYSTEM AND ARE GRANTED NO FUNCTIONAL WARRANTY.
Indemnification
The Purchaser shall indemnify Microhard Systems Inc. and its respective directors, officers, employees, suc-
cessors and assigns including any subsidiaries, related corporations, or affiliates, shall be released and dis-
charged from any and all manner of action, causes of action, liability, losses, damages, suits, dues, sums of
money, expenses (including legal fees), general damages, special damages, including without limitation,
claims for personal injuries, death or property damage related to the products sold hereunder, costs and de-
mands of every and any kind and nature whatsoever at law.

IN NO EVENT WILL MICROHARD SYSTEMS INC. BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL,
INCIDENTAL, BUSINESS INTERRUPTION, CATASTROPHIC, PUNITIVE OR OTHER DAMAGES WHICH MAY BE
CLAIMED TO ARISE IN CONNECTION WITH THE HARDWARE, REGARDLESS OF THE LEGAL THEORY BEHIND
SUCH CLAIMS, WHETHER IN TORT, CONTRACT OR UNDER ANY APPLICABLE STATUTORY OR REGULATORY
LAWS, RULES, REGULATIONS, EXECUTIVE OR ADMINISTRATIVE ORDERS OR DECLARATIONS OR OTHERWISE,
EVEN IF MICROHARD SYSTEMS INC. HAS BEEN ADVISED OR OTHERWISE HAS KNOWLEDGE OF THE POSSIBIL-
ITY OF SUCH DAMAGES AND TAKES NO ACTION TO PREVENT OR MINIMIZE SUCH DAMAGES. IN THE EVENT
THAT REGARDLESS OF THE WARRANTY DISCLAIMERS AND HOLD HARMLESS PROVISIONS INCLUDED ABOVE
MICROHARD SYSTEMS INC. IS SOMEHOW HELD LIABLE OR RESPONSIBLE FOR ANY DAMAGE OR INJURY, MI-
CROHARD SYSTEMS INC.'S LIABILITY FOR ANYDAMAGES SHALL NOT EXCEED THE PROFIT REALIZED BY MI-
CROHARD SYSTEMS INC. ON THE SALE OR PROVISION OF THE HARDWARE TO THE CUSTOMER.
Proprietary Rights
The Buyer hereby acknowledges that Microhard Systems Inc. has a proprietary interest and intellectual prop-
erty rights in the Hardware, Software and/or Products. The Purchaser shall not (i) remove any copyright, trade
secret, trademark or other evidence of Microhard Systems Inc.’s ownership or proprietary interest or confiden-
tiality other proprietary notices contained on, or in, the Hardware, Software or Products, (ii) reproduce or modi-
fy any Hardware, Software or Products or make any copies thereof, (iii) reverse assemble, reverse engineer or
decompile any Software or copy thereof in whole or in part, (iv) sell, transfer or otherwise make available to
others the Hardware, Software, or Products or documentation thereof or any copy thereof, except in accord-
ance with this Agreement.

© Microhard 2
Important User Information (continued)

About This Manual

It is assumed that users of the products described herein have either system integration or
design experience, as well as an understanding of the fundamentals of radio communications.

Throughout this manual you will encounter not only illustrations (that further elaborate on the
accompanying text), but also several symbols which you should be attentive to:

Caution or Warning
Usually advises against some action which could result in undesired or
detrimental consequences.

Point to Remember
Highlights a key feature, point, or step which is noteworthy. Keeping
these in mind will simplify or enhance device usage.

Tip
An idea or suggestion to improve efficiency or enhance usefulness.

Information
Information regarding a particular technology or concept.

© Microhard 3
Important User Information (continued)

Regulatory Requirements / Exigences Réglementaires

To satisfy FCC RF exposure requirements for mobile transmitting devices, a separation distance of 23cm or more should be maintained
between the antenna of this device and persons during device operation. To ensure compliance, operations at closer than this distance is not
recommended. The antenna being used for this transmitter must not be co-located in conjunction with any other antenna or transmitter.

Pour satisfaire aux exigences de la FCC d'exposition RF pour les appareils mobiles de transmission, une distance de séparation de 23cm ou
WARNING plus doit être maintenue entre l'antenne de cet appareil et les personnes au cours de fonctionnement du dispositif. Pour assurer le respect,
les opérations de plus près que cette distance n'est pas recommandée. L'antenne utilisée pour ce transmetteur ne doit pas être co-localisés
en conjonction avec toute autre antenne ou transmetteur.

MAXIMUM EIRP
FCC Regulations allow up to 36dBm Effective Isotropic Radiated Power (EIRP). Therefore, the sum of the transmitted power (in dBm), the
cabling loss and the antenna gain cannot exceed 36dBm.

WARNING Réglementation de la FCC permettra à 36dBm Puissance isotrope rayonnée équivalente (EIRP). Par conséquent, la somme de la puissance
transmise (en dBm), la perte de câblage et le gain d'antenne ne peut pas dépasser 36dBm.

EQUIPMENT LABELING / ÉTIQUETAGE DE L'ÉQUIPEMENT

This device has been modularly approved. The manufacturer, product name, and FCC and Industry Canada identifiers of this product must
appear on the outside label of the end-user equipment.

Ce dispositif a été approuvé de façon modulaire. Le fabricant, le nom du produit, et la FCC et de l'Industrie du Canada identifiants de ce
WARNING produit doit figurer sur l'étiquette à l'extérieur de l'équipement de l'utilisateur final.

SAMPLE LABEL REQUIREMENT / EXIGENCE D'ÉTIQUETTE :

BulletPlusAC-CAT9(Contains):

FCCID: RI7LM940
IC: 5131A-LM940

This device complies with Part 15 of the FCC Rules.

Operation is subject to the following two conditions:
(1) this device may not cause harmful interference,
and (2) this device must accept any interference
received including interference that may cause
undesired operation.

Please Note: These are only sample labels; different products contain different identifiers. The actual identifiers should be seen on
your devices if applicable. S'il vous plaît noter: Ce sont des exemples d'étiquettes seulement; différents produits contiennent des
identifiants différents. Les identifiants réels devrait être vu sur vos périphériques le cas échéant.

© Microhard 4
Revision History

Revision Description Initials Date

0.0.0 Preliminary. (Firmware v1.5.0-r1006) PEH 02/2018
1.0.0 First Release (v1.5.0-r1007-35) PEH 04/2018

© Microhard 5
Table of Contents

1.0 Overview ......................................................................................................... 9

1.1 Performance Features ....................................................................................................... 9
1.2 Specifications ..................................................................................................................... 10

2.0 QUICK START ................................................................................................. 12

2.1 Installing the SIM Card ....................................................................................................... 12
2.2 Getting Started with Cellular .............................................................................................. 12

3.0 Hardware Features ......................................................................................... 16

3.1 BulletPlusAC ...................................................................................................................... 16
3.1.1 BulletPlusAC Mechanical Drawings ......................................................................... 17
3.1.2 BulletPlusAC Connectors & Indicators ..................................................................... 18
3.1.2.1 Front & Top ................................................................................................ 18
3.1.2.2 Rear & Side................................................................................................ 19

4.0 Configuration.................................................................................................. 20
4.0 Web User Interface ........................................................................................................... 20
4.0.1 Logon Window .......................................................................................................... 21
4.1 System ............................................................................................................................... 22
4.1.1 Summary .................................................................................................................. 22
4.1.2 Settings ..................................................................................................................... 23
Host Name................................................................................................................ 23
Console Timeout ...................................................................................................... 23
Date/Time ................................................................................................................. 24
NTP Server Settings ................................................................................................. 25
4.1.3 Services .................................................................................................................... 26
FTP ........................................................................................................................... 26
Telnet ........................................................................................................................ 26
HTTP/HTTPS ........................................................................................................... 26
4.1.4 Keepalive .................................................................................................................. 28
4.1.5 Maintenance ............................................................................................................. 30
Firmware Upgrade .................................................................................................... 30
Reset to Default ........................................................................................................ 30
Backup & Restore Configurations ............................................................................ 31
4.1.6 Reboot ...................................................................................................................... 32
4.2 Network ............................................................................................................................. 33
4.2.1 Status ....................................................................................................................... 33
4.2.2 LAN ........................................................................................................................... 34
4.2.3 WAN ......................................................................................................................... 39
4.2.4 DHCP (MAC Binding) ............................................................................................... 41
4.2.5 DDNS ....................................................................................................................... 42
4.2.6 Routes ...................................................................................................................... 44
4.2.7 VRRP (Virtual Router Redundancy Protocol) .......................................................... 46
4.2.8 Ports (Switch) ........................................................................................................... 47
4.2.9 Bandwidth (Throttling Control) .................................................................................. 48
4.2.10 Device List ............................................................................................................... 49
4.2.11 Cloud Filter (Content/Security Filter) ....................................................................... 50
4.2.12 WebFilter (MAC/Network Content Filter) ................................................................ 51
4.2.13 LoadBalancer .......................................................................................................... 53

© Microhard 6
Table of Contents

4.3 IPv6 .................................................................................................................................... 55

4.3.1 Status ....................................................................................................................... 55
4.3.2 Setup ........................................................................................................................ 56
4.3.3 Firewall6 ................................................................................................................... 62
4.3.4 OpenVPN6 ............................................................................................................... 65
4.3.5 Route6 ...................................................................................................................... 72
4.4 WWAN ............................................................................................................................... 73
4.4.1 Status ....................................................................................................................... 73
4.4.2 Settings ..................................................................................................................... 74
Dual Cards Management ......................................................................................... 75
APN .......................................................................................................................... 76
4.4.3 SMS .......................................................................................................................... 78
4.4.4 SMS Config .............................................................................................................. 78
4.4.5 Data Usage ............................................................................................................... 83
Data Usage History .................................................................................................. 86
4.5 Wireless ............................................................................................................................. 87
4.5.1 Status ....................................................................................................................... 87
4.5.2 Radio1 ...................................................................................................................... 88
Radio1 Phy Configuration ........................................................................................ 88
Radio Virtual Interface .............................................................................................. 91
4.5.3 Hotspot ..................................................................................................................... 95
4.6 Firewall ............................................................................................................................. 99
4.6.1 Summary .................................................................................................................. 99
4.6.2 General ..................................................................................................................... 100
4.6.3 Port Forwarding ........................................................................................................ 102
4.6.4 MAC-IP List .............................................................................................................. 105
4.6.5 Rules ........................................................................................................................ 107
4.6.6 Firewall Default ......................................................................................................... 109
4.7 VPN .................................................................................................................................. 110
4.7.1 Summary .................................................................................................................. 110
4.7.2 Gateway to Gateway ................................................................................................ 111
4.7.3 L2TP Server/Client ................................................................................................... 117
4.7.4 OpenVPN ................................................................................................................. 121
OpenVPN Server ...................................................................................................... 121
OpenVPN Client ....................................................................................................... 125
4.7.5 VPN Users ................................................................................................................ 127
4.7.6 Certificate Management ........................................................................................... 128
4.8 Router ................................................................................................................................ 129
4.8.1 RIPV2 ....................................................................................................................... 129
4.8.2 OSPF ........................................................................................................................ 130
4.9 Serial .................................................................................................................................. 131
4.9.1 Status ...................................................................................................................... 131
4.9.2 Settings ..................................................................................................................... 132
Data Baud Rate ........................................................................................................ 133
IP Protocol Config..................................................................................................... 135
TCP Client ........................................................................................................... 135
TCP Server .......................................................................................................... 135
TCP Client/Server ................................................................................................ 136
UDP Point-to-Point .............................................................................................. 136
SMTP Client ........................................................................................................ 136
PPP...................................................................................................................... 137
GPS Transparent Mode ....................................................................................... 138

© Microhard 7
Table of Contents

4.10 I/O ....................................................................................................................................... 139

4.10.1 Settings ................................................................................................................... 139
4.11 GPS .................................................................................................................................... 141
4.11.1 Location ................................................................................................................... 141
4.11.2 Settings ................................................................................................................... 142
4.11.3 Report...................................................................................................................... 143
4.11.4 GPSGate ................................................................................................................. 145
4.11.5 UDPTracker............................................................................................................. 148
4.11.6 Recorder.................................................................................................................. 150
4.11.7 Load Record ............................................................................................................ 152
4.11.8 TAIP ........................................................................................................................ 154
4.12 Apps .................................................................................................................................. 156
4.12.1 Modbus ................................................................................................................... 156
4.12.1.1 TCP Modbus ............................................................................................ 156
4.12.1.2 Serial (COM) Modbus .............................................................................. 158
4.12.1.3 Modbus Data Map .................................................................................... 159
4.12.2 Netflow Report ........................................................................................................ 160
4.12.3 Local Monitor .......................................................................................................... 162
4.12.4 Event Report ........................................................................................................... 163
4.12.4.1 Configuration ............................................................................................ 163
4.12.4.2 Message Structure ................................................................................... 164
4.12.4.2 Message Payload ..................................................................................... 165
4.13 Diag .................................................................................................................................... 166
4.13.1 Ping ......................................................................................................................... 166
4.13.2 Traceroute ............................................................................................................... 166
4.13.3 Iperf ......................................................................................................................... 167
4.14 Admin ................................................................................................................................ 169
4.14.1 Users ....................................................................................................................... 169
4.14.2 Authentication (RADIUS) ........................................................................................ 171
4.14.3 NMS ........................................................................................................................ 171
4.14.4 SNMP ...................................................................................................................... 175
4.14.5 Discovery ................................................................................................................ 179
4.14.6 Logout ..................................................................................................................... 180

5.0 AT Command Line Interface .......................................................................... 181

5.1 AT Command Overview ................................................................................................... 181
5.1.1 Serial Port ............................................................................................................... 181
5.1.2 Telnet ...................................................................................................................... 182
5.2 AT Command Syntax ....................................................................................................... 183
5.3 Supported AT Commands ............................................................................................... 184

Appendices .......................................................................................................... 202

Appendix A: Serial Interface ....................................................................................................... 202
Appendix C: Port Forwarding Example ...................................................................................... 203
Appendix D: VPN (Site to Site) Example ................................................................................... 205
Appendix E: Firewall Rules Example ......................................................................................... 207
Appendix G: Troubleshooting ..................................................................................................... 209

© Microhard 8
1.0 Overview

The all new BulletPlusAC-CAT9 is a high-performance Cellular Ethernet & Serial Gateway
w/WiFi, equipped with 6x RJ45 Gigabit Ethernet Ports (4 LAN / 2 WAN), dual SIM capability,
2x Programmable I/O, Standalone GPS, 802.11bgna/ac WiFi, and dual serial communication
ports.
The BulletPlusAC-CAT9 utilizes the cellular infrastructure to provide network access to
wired or wireless devices anywhere cellular coverage is supported by a cellular carrier.
The BulletPlusAC uses LTE Advanced with Carrier Aggregation for provide up to 600 Mbps
of cellular data.

Providing reliable Cellular Ethernet bridge functionality as well gateway service for most
equipment types which employ an RS232/485, RJ45 or WiFi interface, the BulletPlusAC can
be used in a limitless types of applications such as:

• High-speed backbone • Legacy network/device

• IP video surveillance migration
• Voice over IP (VoIP) • SCADA (PLC’s, Modbus,
• Facilitating internetwork Hart)
wireless communications • Mobile Internet Access
• WiFi Hotspot

1.1 Performance Features

Key performance features of the BulletPlusAC-CAT9 include:

• Fast, reliable connection speeds to LTE/HSPA/HSPA+ Networks

• 2x Programmable Analog/Digital Inputs

• DMZ and Port Forwarding

• 6x 10/100/1000 Ethernet Ports (2WAN/4LAN)

• Standalone GPS (TCP Server/UDP/SMTP Reporting)

• User interface via local console, telnet, web browser

• Compatibility with virtually all PLCs, RTUs, and other RS232/485 serial devices.

• Local & remote wireless firmware upgradable

• User configurable Firewall with IP/MAC ACL

• IP/Sec secure VPN and GRE Tunneling

• IPv6 Addressing, Firewall, OpenVPN and Routing Capabilities

• Industrial Temperature Rating (-40oC to +85oC)

© Microhard 9
1.0 Overview

1.2 Specifications

BulletPlusAC-CAT9

BulletPlusAC-CAT9 Bands: LTE FDD LTE TDD HSPA+ Bands 1, 2, 3, 4, 5, 7, 8, 12, 13,
17, 20, 25, 26, 28, 29, 30, 66, 38, 40, 41 1, 2, 4, 5, 8
LTE 2DL carrier aggregation combinations
North America
B2+B2, B2+B4, B2+B5, B2+B12, B2+B13, B2+B17, B2+B29,
B2+B30, B4+B4, B4+B5, B4+B7, B4+B12, B4+B13, B4+B17,
B4+B29, B4+B30, B5+B30, B12+B12, B12+B30, B25+B25,
B25+B26, B25+B41, B26+B41, B29+B30, B41+B41
LTE 3DL carrier aggregation combinations
North America
B2+B2+B12/17, B2+B2+B13, B2+B2+B4, B2+B4+B5,
B2+B4+B12, B2+B4+B13, B2+B4+B29, B2+B5+B30,
B2+B12+B12, B2+B12+B30, B2+B29+B30, B4+B4+B5,
B4+B4+B7, B4+B4+B12, B4+B4+B13, B4+B5+B30,
B4+B12+B12, B4+B12+B30, B4+B29+B30, B25+B26+B41,
B25+B41+B41, B26+B41+B41, B41+B41+B41

BulletPlusAC-CAT9 Features: LTE: Up to 600 Mbps DL w/3x CA DL, 256QAM DL

Up to 75 Mbps UL w/UL 64 QAM
HSPA+ Rel. 8: DL/UL up to 42/11,5 Mbps
General
Serial Interface: Data: RS232, RS485, RS422
Console: RS232
Serial Baud Rate: 300bps to 921kbps

USB*: USB 2.0

(*Future)

Wi-Fi Module - RF specification frequency range 2400 – 2483.5 MHz

5745 -- 5825 MHz
Tx power: 0dBm to 30dBm adjustable
802.11 b/g/n/a/ac standard
sensitivity: -97dBm@ 1Mbps
spread method: OFDM, DSSS
modulation: QPSK/16QAM/64QAM
channel bandwidth: 20 MHz
access point, client

Ethernet: 4 x LAN 10/100/1000 BaseT, Auto - MDI/X, IEEE 802.3

2 x WAN 10/100/1000 BaseT, Auto - MDI/X, IEEE 802.3

WIFI: 802.11bgna/ac - Access Point & Client (Station) Modes

I/O: 2x Programmable Analog/Digital Inputs or up to 2x Digital Outputs

60mA current sink on open drain

SIM Card: 2x Micro SIM 1.8 / 3.0V 3FF size

PPP Characteristics: Dial on Demand/Idle Time

Network Protocols: IPv4, IPv6, TCP, UDP, TCP/IP, TFTP, ARP, ICMP, DHCP, HTTP,
HTTPS, SSH, SNMP, FTP, DNS, Serial over IP

© Microhard 10
1.0 Overview

General Specifications (Continued)

Environmental
Operation Temperature: -40oF(-40oC) to 185oF(850C)

Humidity: 5% to 95% non-condensing

Mechanical
Dimensions: 5.05”” (128mm) X 3.0” (76mm) X 1.2” (30mm)

Weight: Approx. 350 grams

Connectors: Antenna(s): CELL, DIV, GPS: SMA Female

3x WiFi: RP-SMA Female
Data, etc: Data: DE-9 Female (RS232/RS485)
Console: DE-9 Female (RS232)
Ethernet: 6x RJ-45
PWR, I/O: Power: SMT: 4-Pin Micro MATE-N-LOK AMP 3-794618-4
Mating Connector: 4-Pin Micro MATE-N-LOK AMP 794617-4

GPS Antenna Requirements:

- Frequency Range: 1575.42 MHz (GPS L1 Band)
- Bandwidth: +/- 2 MHz
- Total NF < 2.5dB
- Impedance 50ohm
- Amplification (Gain applied to RF connector): 19dB to 23dB
- Supply voltage 1.5V to 3.05V
- Current consumption - Typical 20mA (100mA max)
- Cellular Power Antenna Rejection + Isolation:
- 824 - 915 MHz > 10dB
- 1710 - 1785 MHz > 19dB
- 1850 - 1980 MHz > 23dB

© Microhard 11
2.0 Quick Start

This QUICK START guide will walk you through the setup and process required to access the
WebUI configuration window and to establish a basic wireless connection to your carrier.

Note that the units arrive from the factory with the Local Network setting configured as
‘Static’ (IP Address 192.168.168.1, Subnet Mask 255.255.255.0), in DHCP server mode.

2.1 Installing the SIM Card

✓ Before the BulletPlusAC can be used on a cellular network a valid SIM Card for your Wire-
less Carrier must be installed. Insert the SIM Card into the slot as shown, the top SIM
slot is for SIM1: (The contacts should face down, and the notch to the right)

To reset to factory SIM Card Slot (s)

defaults, press and hold
the CFG button for 8
seconds with the
BulletPlusAC powered up.
The LED’s will flash
quickly and the modem
will reboot with factory
defaults.
2.2 Getting Started with Cellular

✓ Connect the Antenna’s to the applicable ANTENNA jack’s of the BulletPlusAC.

✓ Connect the power connector to the power adapter and apply power to the unit, the CPU
LED will flash during boot-up, once on solid, proceed to the next step.

Use the MHS-supplied

power adapter or an
equivalent power source.

7-30VDC

© Microhard 12
2.0 Quick Start

✓ Connect A PC configured for DHCP directly to a LAN port of the BulletPlusAC, using an
Ethernet Cable. If the PC is configured for DHCP it will automatically acquire a IP Address
from the BulletPlusAC.

✓ Open a Browser Window and enter the IP address 192.168.168.1 into the address bar.

192.168.168.1
The factory default network
settings:

IP: 192.168.168.1
Subnet: 255.255.255.0
Gateway: 192.168.168.1
✓ The BulletPlusAC will then ask for a Username and Password. Enter the factory defaults
listed below.

The Factory default login:

User name: admin

Password: admin

You will be required to change the

default password when you login
for the first time.

The factory default login:

User name: admin

Subnet: admin

It is always a good idea to

change the default admin
login for future security.

© Microhard 13
2.0 Quick Start

✓ Once successfully logged in, the System Summary page will be displayed.

Auto APN: The BulletPlusAC

will attempt to detect the
carrier based on the SIM card
installed and cycle through a
list of commonly used APN’s
✓ If the SIM card is installed, but an APN has not been specified. The BulletPlusAC will try
to provide quick network to use Auto APN (default) which may provide quick network connectivity, but may not
connectivity. work with some carriers, or with private APN’s.

✓ To set or change the APN, click on the WWAN > Settings tab and enter the APN supplied
by your carrier in the APN field. Some carriers may also require a Username and Pass-
word.

© Microhard 14
2.0 Quick Start

✓ On the WWAN > Status Tab, verify that a WAN IP Address has been assigned by your
carrier. It may take a few minutes, so try refreshing the page if the WAN IP Address
doesn’t show up right away. The Activity Status should also show “Connected”.

✓ If you have set a static IP on your PC, you may need to add the DNS Servers shown in
the WWAN Status Menu to you PC to enable internet access.
Ensure the default
passwords are changed. ✓ Congratulations! Your BulletPlusAC is successfully connected to your Cellular Carrier.

✓ To access devices connected to BulletPlusAC remotely, one or more of the following must
be configured: Port Forwarding, DMZ or VPN Tunnel.

✓ Ensure that all default passwords are changed to limit access to the modem.

Set up appropriate firewall

rules to block unwanted ✓ For best practices and to limit data charges it is critical to properly set up the
incoming data. firewall. (Especially important for Public Static IP addresses.)

© Microhard 15
3.0 Hardware Features

3.1 BulletPlusAC
The BulletPlusAC is a fully-enclosed unit ready to be interfaced to external devices with standard
connectors as discussed below.

Image 3-1: BulletPlusAC

The BulletPlusAC Hardware Features Include:

• Standard Connectors for:

• 6x 10/100/1000 Ethernet Ports (RJ45 - 2xWAN / 4xLAN)
• 2x Serial Port (DB9) - 1 Console/Data (RS232), 1 Data (RS232/RS485)
• 4-Pin: MATE-N-LOK Type Connector for Power / I/O 1/2
• Cellular Antenna (Main/DIV - SMA Female Antenna Connection x2)
• GPS Antenna (SMA Female Antenna Connection)
• WiFi Antenna (RP-SMA Female Antenna Connection x3)
• Status/Diagnostic LED’s for RSSI(x3), GPS, WIFI, Status
• Dual SIM (Micro-SIM (3FF)) Card Slots
• MicroSD Slot (Internal/Future Development)
• CFG Button for factory default / firmware recovery operations
• USB 2.0 Connector (Internal/Future Development)

© Microhard 16
3.0 Hardware Features

3.1.1 Mechanical Drawing

© Microhard 17
3.0 Hardware Features

3.1.2 Connectors and Indicators

3.1.2.1 Front & Top

On the front of the BulletPlusAC is the CFG Button, USB Port, Main, Diversity, GPS & WIFI Antenna
Connectors and SIM Card Slots. The top of the Bullet are the status indicators, RSSI, GPS, WIFI and
Status.

Drawing 3-1: Bullet Front & Top View

The USB port is a future development to be available in later releases of firmware.

CFG (Button) - Holding this button while powering-up the BulletPlusAC will boot the unit into FLASH FILE
SYSTEM RECOVERY mode. The default IP address for system recovery (only - not for normal access to
the unit) is static: 192.168.1.39. Hold for 1 second for httpd recovery mode, 5 seconds for tftp recovery
mode, or 10 seconds for master reset. If button is held for longer than 15 seconds the button will be ig-
nored.

If the unit has been powered-up for some time (>1 minute), depressing the CFG Button for ~10 seconds
(unit will reboot) will result in FACTORY DEFAULTS being restored, including the static factory IP address.
This IP address is useable in a Web Browser for accessing the Web User Interface.

Receive Signal Strength Indicator (RSSI) - As the received signal strength increases, starting
with the furthest left, the number of active RSSI LEDs increases.
The factory default network
settings: Tx(Red)/Rx(Green) LED’s - The Tx/Rx LED’s indicate carrier (cellular) traffic.
IP: 192.168.168.1
Subnet: 255.255.255.0
Gateway: 192.168.168.1
GPS - Indicates that the optional standalone Signal RSSI1 RSSI2 RSSI3
GPS module has synchronized and is ready (dBm)
for use.
(-85, 0] ON ON ON
Status LED - The Power/Status LED indi- (-90, -85] ON ON FLASH
cates that power has been applied to the
module. Flashing indicates normal operation. (-95, -90] ON ON OFF
(-100, -95] ON FLASH OFF
SIM Card - This slot is used to install SIM
card(s) provided by the cellular carrier. Ensure (-105, -100] ON OFF OFF
that the SIM card is installed properly by pay- (-109, -105] FLASH OFF OFF
ing attention to the diagram printed next the
SIM card slot. Other SCANNING SCANNING SCANNING

Table 3-1: RSSI LED’s

© Microhard 18
3.0 Hardware Features

3.1.2.2 Rear & Side View

On the sides of the BulletPlusAC are the Console (RS232) & Data Ports (RS232/485) and on the back are
the Power, Ethernet (LAN/WAN) and the 2x Programmable I/O.

Drawing 3-2: BulletPlusAC Rear & Side View

The Serial Port (RS232/485 DCE) on the side of the unit is Pin RS485 RS485
used for RS232/485 Serial Data based field devices at 300 No. RS232 Half-Dup
Full-Dup
bps to 921kbps.
1 DCD
The Console Port (RS232 only) on the opposite side of the
unit can be used for console AT commands or can be 2 RXD TX- Data-
configured as a second data port. The default console 3 TXD RX+
settings are 115.2/8/N/1.
4 DTR
The Ethernet Ports (2LAN/WAN) are 10/100 Mbps RJ-45
5 Ground
interfaces used to connect devices Ethernet based field
devices. 6 DSR

Programmable I/O– The Bullet has 2 programmable Analog/ 7 RTS RX-

Digital Inputs or 2 Digital Outputs. Maximum recommended 8 CTS TX+ Data+
load for the output pin is 150mA @ 30 Vdc (Vin).
9 N/C
Vin+/Vin– is used to power the unit. The input Voltage range
is 7-30 Vdc. Table 3-2: Data RS232/485 Pin Assignment

PoE – The BulletPlusAC, if equipped, can also be powered

using Passive PoE on the Ethernet Port (WAN1), via a PoE injector.

Caution: Using a power Ethernet RJ45 Connector Pin Number

supply that does not
provide proper voltage Vin+ Vin-
may damage the modem. Source
1 2 3 4 5 6 7 8 IO-1 IO-2
Voltage

9 - 30 Vdc Data Data Data DC+ DC+ Data DC- DC-

Table 3-3: Ethernet PoE Connections

© Microhard 19
4.0 Configuration

4.0 Web User Interface

Image 4-0-1: WebUI

The factory default network Initial configuration of an BulletPlusAC using the Web User (Browser) Interface (Web UI) method involves
settings: the following steps:
IP: 192.168.168.1
Subnet: 255.255.255.0 • configure a static IP Address on your PC to match the default subnet or if your PC is configured for
Gateway: 192.168.168.1 DHCP, simply connect a PC to a LAN port of the BulletPlusAC and it will be assigned a IP address
automatically.

• connect the BulletPlusAC (LAN) port to your PC using an Ethernet cable

• apply power to the BulletPlusAC and wait approximately 60 seconds for the system to load

• open a web browser and enter the factory default IP address(192.168.168.1) of the unit:

• logon window appears; log on using default Username: admin Password: admin

• use the web browser based user interface to configure the BulletPlusAC as required.

• refer to Section 2.0: Quick Start for step by step instructions.

In this section, all aspects of the Web Browser Interface, presented menus, and available configuration
options will be discussed.

© Microhard 20
4.0 Configuration

4.0.1 Logon Window

Upon successfully accessing the BulletPlusAC using a Web Browser, the Logon window will appear.

For security, do not allow the

web browser to remember the
User Name or Password.

Image 4-0-2: Logon Window

The factory default User Name is: admin

The default password is: admin

Note that the password is case sensitive. It should be changed (discussed further along in this section),
but once changed, if forgotten, may not be recovered.
It is advisable to change the
login Password. Do not
FORGET the new password When entered, the password appears as ’dots’ as shown in the image below. This display format prohibits
as it cannot be recovered. others from viewing the password.

The ‘Remember my password’ checkbox may be selected for purposes of convenience, however it is
recommended to ensure it is deselected - particularly once the unit is deployed in the field - for one
primary reason: security.

If the BulletPlusAC is restored to factory defaults the password is also restored to the original default
password.

It is required to change the password upon initial login, once the password is changed, it will be
required to login to the unit once again with the updated password.

© Microhard 21
4.0 Configuration

4.1 System
The main category tabs located at the top of the navigation bar separate the configuration of the
BulletPlusAC into different groups based on function. The System Tab contains the following sub menu’s:

• Summary - Status summary of entire radio including network settings,

version information, and radio connection status
• Settings - Host Name, System Log Settings, System Time/Date
• Services - Enable/Disable and configure port numbers for SSH, Telnet, HTTP
and HTTPS services
• Keepalive - Configure System keep alive to ensure network/internet access.
• Maintenance - Remote firmware Upgrades, reset to defaults, configuration backup
and restore.
• Reboot - Schedule reboots and/or immediately reboot the system.

4.1.1 System > Summary

The System Summary screen is displayed immediately after initial login, showing a summary and status of
all the functions of the BulletPlusAC in a single display. This includes information about the System,
WWAN (Cellular Carrier), LAN/WAN network status and wireless (WIFI) status.

The System Summary page

will Auto Refresh, each time
this happens a small amount
of data is used. If viewing
over the Cellular Network this
data could add up to a
significant amount over a long
period of time.

Image 4-1-1: System Summary Window

© Microhard 22
4.0 Configuration

4.1.2 System > Settings

System Settings

Options available in the System Settings menu allow for the configuration of the Host Name, Description,
Console Timeout and System Log server settings.

Image 4-1-2: System Settings > System Settings

Host Name/Description
The Host Name is a convenient identifier for a specific BulletPlusAC Values (characters)
unit. This feature is most used when accessing units remotely: a
convenient cross-reference for the unit’s WAN/Carrier IP address. This BulletPlusAC (varies)
name appears when logged into a telnet session, or when the unit is
reporting into Microhard NMS System. up to 30 characters
The description provides an additional field for text characters, but is
not displayed anywhere but in this field.

Console Timeout (s)

This value determines when a console connection (made via Console Values (seconds)
Port or Telnet) will timeout after becoming inactive.
60
0-65535

CFG Reset to Default Button

Enabled by default, when the CFG button on the front of the Values (Selection)
BulletPlusAC is held down for 10s while the unit is powered up, the
unit will reset and all settings will be reset to factory defaults. When Enable
disabled the unit will reset, but the settings will not be overwritten. Disable

© Microhard 23
4.0 Configuration

System Syslog Server IP

The BulletPlusAC can report system level events to a third party Syslog IP Address
server, which can be used to monitor events reported by the BulletPlusAC.
0.0.0.0
The system syslog can also be viewed locally by using the following URL
and inserting the BulletPlusAC IP Address:

http://xxx.xxx.xxx.xxx/cgi-bin/webif/request.sh?syslog

System Syslog Server Port

Enter the UDP listening port of the Syslog Server. The default port number UDP Port
is generally 514, but could vary from Server to Server.
514

Time Settings

The BulletPlusAC can be set to use a local time source, thus keeping time on its own, or it can be
configured to synchronize the date and time via a NTP Server. The options and menus available will
change depending on the current setting of the Date and Time Setting Mode, as seen below.

Network Time Protocol (NTP)

can be used to synchronize the
time and date or computer
systems with a centralized,
referenced server. This can
help ensure all systems on a
network have the same time
and date.

Image 4-1-3: System Settings > Time Settings

Date and Time Setting Mode

Select the Date and Time Setting Mode required. If set for ‘Use Local Values (selection)
Time’ the unit will keep its own time and not attempt to synchronize
with a network server. If ‘Synchronize Date And Time Over Network’ is Use Local Time Source
selected, a NTP server can be defined. Synchronize Date And Time
Over Network

Date
The calendar date may be entered in this field. Note that the entered Values (yyyy-mm-dd)
value is lost should the BulletPlusAC lose power for some reason.
2015.04.01 (varies)

© Microhard 24
4.0 Configuration

Time
The time may be entered in this field. Note that the entered value is Values (hh:mm:ss)
lost should the BulletPlusAC lose power for some reason.
11:27:28 (varies)

Timezone
If connecting to a NTP time server, specify the timezone from the Values (selection)
dropdown list.
User Defined (or out of date)

POSIX TZ String
This displays the POSIX TZ String used by the unit as determined by Values (read only)
the timezone setting.
(varies)

NTP Server
Enter the IP Address or domain name of the desired NTP time server. Values (address)
pool.ntp.org

NTP Port
Enter the IP Address or domain name of the desired NTP time server. Values (port#)
123

NTP Client Interval

By default the modem only synchronizes the time and date during Values (seconds)
system boot up (default: 0), but it can be modified to synchronize at a
regular interval. This process does consume data and should be set 0
accordingly.

© Microhard 25
4.0 Configuration

4.1.3 System > Services

Services in the BulletPlusAC can be disabled/enable as well as changing the default ports used for either
security considerations or resource considerations. The changes are applied after a reboot. There are also
options to load or generate a HTTPS Certificate and control SSH options.

Image 4-1-4: System > Services

© Microhard 26
4.0 Configuration

FTP Upgrade
The FTP service can be enabled/disabled using the Services Status Values (checkbox)
Menu. The FTP service is used for firmware recovery operations.
Enable / Disable

Web UI
The default web server port for the web based configuration tools used Values (selection)
in the modem is port 80 (http) and port 443 (HTTPS).
HTTP/HTTPS
Change as required, but keep in mind that if a non standard port is HTTP
used, it must be specified in a internet browser to access the unit. HTTPS
(example: http://192.168.168.1:8080).

Telnet
Using the Telnet Service Enable/Disable function, you can disable the Values (port)
Telnet service from running on the modem. The port used by the
Telnet service can also be modified. The default is 23. 23

SSH
Using the SSH Service Enable/Disable function, you can disable the Values (port)
SSH service (Port 22) from running on the modem. The port used by
the SSH service can also be modified. The default is 22. 22

© Microhard 27
4.0 Configuration

4.1.4 System > Keepalive

The Keep alive tab allows for the configuration of the keep alive features of the BulletPlusAC. The
BulletPlusAC can check for activity on the Wireless Interface, The CLI (Command Line Interface), The
WEBUI, and ensure that they are working as expected. In the event that the BulletPlusAC does not detect
activity on a interface it will reboot to attempt to resolve any issues that may have occurred.

Image 4-1-5: System > Keepalive

Keep Alive
Enable or Disable the keep alive functions of the modem. If it is Values (Selection)
disabled, the user can configure the Traffic Check separately. The unit
will monitor traffic on the Cell interface. Enable / Disable

Traffic Check
Monitors traffic on the Cell interface as well as the WAN interface if the Values (Selection)
WAN port is configured as independent in the Network Settings. If the
Bullet detects that there is no activity on the above interfaces it will Enable / Disable
attempt a ICMP, HTTP or DNS Lookup as configured below to
determine if service has been lost.

CLI Activity
Monitors the activity of CLI. If the console isn't accessed within the Values (Selection)
certain period which is specified by Console Timeout in System-
Settings web page, the modem will send out the connection request. Enable / Disable

Web UI Activity
Monitors the activity of Web UI. If the Web UI isn't accessed or Values (Selection)
refreshed within the certain period which is specified by Console
Timeout in System-Settings web page, the modem will send out the Enable / Disable
connection request.

© Microhard 28
4.0 Configuration

Type
Once the connection is lost, the modem will send one of the requests Values (Selection)
to the remote host to determine the connection status. If the modem
fails to get the response, it will re-send the request within the seconds ICMP
specified by Keepalive Interval below: HTTP
DNS Lookup
ICMP: Send a "ping" request
HTTP: Send a "wget" request to a HTTP server
DNS Lookup: Send a "dslookup" request to a DNS server

Host Name
Specify a IP Address or Domain that is used to test the modems Values (IP or Domain)
connection. The modem will send out the connection requests to the
specified Host. 8.8.8.8

Keepalive Interval
The Interval value determines the frequency, or how often, the unit will Values (seconds)
send out PING messages to the Host. The BulletPlusAC will first
attempt to re-initialize the cellular model before performing a full 300
system reboot, thus the interval may be delayed by up to 120 seconds)

Keepalive Retry
The Keepalive Retry is the maximum number of connection failures Values (number)
such as “Host unreachable” the unit will attempt before the unit will
reboot itself to attempt to correct connection issues. The default 20
number is 20, and valid value is from 10 to 200.

© Microhard 29
4.0 Configuration

4.1.5 System > Maintenance

Firmware Upgrade

Occasional firmware updates may be released by Microhard Systems which may include fixes and/or new
features. The firmware can be updated wirelessly using the WebUI.

Image 4-1-6: Maintenance > Firmware Upgrade

Erase Current Configuration

Check this box to erase the configuration of the BulletPlusAC unit Values (check box)
during the upgrade process. This will upgrade, and return the unit to
factory defaults, including the default IP Addresses and passwords. unchecked
Not checking the box will retain all settings during a firmware upgrade
procedure.

Firmware Image
Use the Browse button to find the firmware file supplied by Microhard Values (file)
Systems. Select “Upgrade Firmware” to start the upgrade process.
This can take several minutes. (no default)

Reset to Default

The BulletPlusAC may be set back to factory defaults by using the Reset to Default option under System >
Maintenance > Reset to Default. *Caution* - All settings will be lost!!!

© Microhard 30
4.0 Configuration

Backup & Restore Configuration

The configuration of the BulletPlusAC can be backed up to a file at any time using the Backup
Configuration feature. The file can the be restored using the Restore Configuration feature. It is always a
good idea to backup any configurations in case of unit replacement. The configuration files cannot be
edited offline, they are used strictly to backup and restore units.

Image 4-1-7: Maintenance > Reset to Default / Backup & Restore Configuration

Name this Configuration / Backup Configuration

Use this field to name the configuration file. The .config extension will automatically be added to the
configuration file.

Restore Configuration file / Check Restore File / Restore

Use the ‘Browse’ button to find the backup file that needs to be restored to the unit. Use the ‘Check
Restore File’ button to verify that the file is valid, and then the option to restore the configuration is
displayed, as seen above.

The Keep WWAN Settings box can be selected before the restore process is started, if it is selected the
BulletPlusAC will retain the current carrier settings and not overwrite them with the settings contained in
the backup file.

© Microhard 31
4.0 Configuration

4.1.6 System > Reboot

The BulletPlusAC can be remotely rebooted using the System > Reboot menu. As seen below a button
‘Reboot now’ is provided. Once pressed, the unit immediately reboots and starts its boot up procedure. The
BulletPlusAC can also be restarted on a regular basis by setting up a daily/weekly/monthly schedules.

Image 4-1-8: System > Reboot

Status
Use this option to enable or disabled schooled reboots. If enabled the Values (selection)
BulletPlusAC will reboot at the interval defined below.
Disable / Enable

Type
Schedule daily, weekly or monthly reboots. Setting up a reboot Values (selection)
schedule can help keep the modem connected to the cellular carrier
and prevent physically rebooting the modem if located at a remote Reboot Daily
destination. Reboot Weekly
Reboot Monthly

Days / Time
If set for weekly, days are counted from Sunday to Saturday (0 to 6), Values (selection)
and if set to monthly the days are counted 1 to 31. Multiple days can
be specified by separating with a comma ‘,’. 1,
Set the time of day (24hr clock) for which to reboot the device.

© Microhard 32
4.0 Configuration

4.2 Network

4.2.1 Network > Status

The Network Status display gives a overview of the currently configured network interfaces including the
Connection Type (Static/DHCP), IP Address, Net Mask, Default Gateway, DNS, and IPv4 Routing Table.

You can also view statistical information about the interfaces including Received (RX) and Transmitted
(TX) bytes and packets for each network interface.

Image 4-2-1: Network > Network Status

© Microhard 33
4.0 Configuration

4.2.2 Network > LAN

LAN Port Configuration

The BulletPlusAC features 4x LAN ports that can be used for connection of devices on a local network.
The WAN1 port can also be bridged with the LAN therefore providing up to 5 LAN ports. By default the
LAN has a static IP Address assigned, 192.168.168.1. Also, by default the LAN is running a DHCP server
to provide IP Addresses to devices that are connected to the physical LAN port (s) (directly or via a switch).

DHCP: Dynamic Host

Configuration Protocol may
be used by networked Image 4-2-2: Network > Network LAN Configuration
devices (Clients) to obtain
unique network addresses LAN Add/Edit Interface
from a DHCP server.

Advantage:
The BulletPlusAC has the capability to have multiple SSID’s for the WiFi radio. New Interfaces can be
Ensures unique IP addresses added for additional SSID’s, providing, if required, separate subnets for each SSID. By default any
are assigned, from a central additional interfaces added will automatically assign IP addresses to connecting devices via DHCP.
point (DHCP server) within a Additional interfaces can only be used by additional WIFI SSID’s (virtual interfaces).
network.

Disadvantage:
The address of a particular
device is not ‘known’ and is
also subject to change.

STATIC addresses must be

tracked (to avoid duplicate
use), yet they may be
permanently assigned to a
device.

Image 4-2-3: Network > LAN Port Configuration

Spanning Tree (STP)

Within any IP network, each This option allows the BulletPlusAC to participate in the Spanning Tree Values (selection)
device must have its own protocol with other devices to prevent local loops. By default this is
unique IP address. disabled. Off / On

© Microhard 34
4.0 Configuration

IGMP Snooping
This feature allows a network switch to listen in on the IGMP Values (selection)
conversation between hosts and routers. By listening to these
conversations the switch maintains a map of which links need which IP Enable
The factory default
multicast streams. Disable
network settings:

IP: 192.168.168.1 Connection Type

Subnet: 255.255.255.0
Gateway: 192.168.168.1 This selection determines if the BulletPlusAC will obtain an IP address Values (selection)
from a DHCP server on the attached network, or if a static IP address
will be entered. If a Static IP Address is chosen, the fields that follow DHCP
must also be populated. Static

IP Address
A SUBNET MASK is a bit
If ‘Static’ Connection Type is selected, a valid IPv4 Address for the Values (IP Address)
mask that separates the network being used must be entered in the field. If ‘DHCP’ is chosen
network and host (device) this field will not appear and it will be populated automatically from the 192.168.168.1
portions of an IP address. DHCP server.
The ‘unmasked’ portion
leaves available the
information required to
identify the various devices
on the subnet.
Netmask
If ‘Static’ Connection Type is selected, the Network Mask must be Values (IP Address)
entered for the Network. If ‘DHCP’ is chosen this field will not appear
and it will be populated automatically from the DHCP server. 255.255.255.0

DNS Mode
If the Connection Type is set to DHCP, you can use Auto for the DNS Values (selection)
Within any IP network, each
Mode and a DNS server will automatically be defined. If the connection
device must have its own type is set as static, DNS servers can be manually specified. Auto
unique IP address. Manual

Primary DNS / Secondary DNS

Set the primary and alternate DNS (Domain Name Server) for use by Values (selection)
devices on the LAN port, if required.
Auto
Manual

© Microhard 35
4.0 Configuration

LAN DHCP

A BulletPlusAC may be configured to provide dynamic host control protocol (DHCP) service to all attached
(either wired or wireless (WiFi)-connected) devices. By default the DHCP service is enabled, so devices
that are connected to the physical Ethernet LAN ports, as well as any devices that are connected by WiFi
will be assigned an IP by the BulletPlusAC. The LAN DHCP service is available for each interface, and is
located in the add/edit interface menus.

Image 4-2-4: Network > DHCP Server

DHCP Server
The option is used to enable or disable the DHCP service for devices Values (selection)
Prior to enabling this service, connected to the LAN Port(s).
verify that there are no other
devices - either wired (e.g.
Enable / Disable
LAN) or wireless with an
active DHCP SERVER
service. (The Server issues Start IP Address
IP address information at the
request of a DHCP Client,
which receives the
Select the starting address DHCP assignable IP Addresses. The first Values (IP Address)
information.) octets of the subnet will be pre-set based on the LAN IP configuration,
and can not be changed. 192.168.168.100

Number of Address
Set the maximum number of IP addresses that can be assigned by the Values (integer)
BulletPlusAC.
150

Lease Time
The DHCP lease time is the amount of time before a new request for a Values (minutes)
network address must be made to the DHCP Server.
720

Alternate Gateway
Specify an alternate gateway for DHCP assigned devices if the default Values (IP Address)
gateway is not to be used.
(IP Address)

© Microhard 36
4.0 Configuration

Preferred DNS Server

Specify a preferred DNS server address to be assigned to DHCP Values (IP Address)
devices.
DNS: Domain Name Service (IP Address)
is an Internet service that
translates easily-
remembered domain names
into their not-so-easily-
remembered IP addresses.
Alternate DNS Server
Being that the Internet is Specify the alternate DNS server address to be assigned to DHCP Values (IP Address)
based on IP addresses, devices.
without DNS, if one entered
the domain name (IP Address)
www.microhardcorp.com (for
example) into the URL line of
a web browser, the website
‘could not be found’).
WINS/NBNS Servers
Enter the address of the WINS/NBNS (NetBIOS) Server. The WINS Values (IP/Domain)
server will translate computers names into their IP addresses, similar
to how a DNS server translates domain names to IP addresses. (no default)

WINS/NBT Node Type

Select the method used to resolve computer names to IP addresses. Values (selection)
Four name resolution methods are available:
B-node: broadcast none
P-node: point-to-point b-node
M-node: mixed/modified p-node
H-node: hybrid m-node
h-node

© Microhard 37
4.0 Configuration

VLAN Configuration
The BulletPlusAC has the capability to add multiple network interfaces, as such it may be desirable to
segment these different subnets. The BulletPlusAC features 802.1Q VLAN. 802.1Q VLAN uses tagging to
allow separation of network segments. Ports can belong to multiple VLANs. A Trunk port can be configured
to communicate with other VLAN switch by adding all configured VLANs to a single port. The native VLAN1
is used by default, it is important that any connected VLAN switch use the same Native VLAN.

Image 4-2-5: Network > VLAN

VLAN Name
VLAN names can be added to aid in VLAN identification (purpose, I,e Values
Engineering, Accounting, etc).
(no default)

VLAN ID
When adding a VLAN you must select a VLAN ID. Select between 2 Values
and 127 for valid VLAN IDs.
2 (2-127)

Port 1 - 2
Assign port to the current VLAN. Values (selection)
Excluded: Not part of the current VLAN Excluded
Tagged: In 802.1Q this assigns the current VLAN to the port, Tagged
Untagged: In port based VLAN this assigns a port to the current Untagged
VLAN.

Network
Allows the user the ability to assign specific configured network Values (selection)
interfaces to a specific VLAN. (802.1Q)
None
LAN
(additional network interfaces)

© Microhard 38
4.0 Configuration

4.2.3 Network > WAN

WAN Configuration
The WAN configuration refers to the wired WAN connections on the BulletPlusAC. The WAN ports can be
used to connect the BulletPlusAC to other networks, the internet and/or other network resources.

Image 4-2-6: Network > WAN Configuration

DHCP: Dynamic Host

Configuration Protocol may Working Mode
be used by networked
devices (Clients) to obtain
unique network addresses
Use this to set the function of the physical WAN RJ45 port. If set to Values (selection)
from a DHCP server. independent WAN , the physical WAN port will operate as a standard
WAN port. Alternatively it can be configured to be bridged to the LAN, Independent WAN
Advantage: and operate as a second LAN port, or even as an independent LAN.
Ensures unique IP addresses Bridged with LAN Port
are assigned, from a central Independent LAN
point (DHCP server) within a
network.
Connection Type
Disadvantage:
The address of a particular
device is not ‘known’ and is
This selection determines if the BulletPlusAC will obtain an WAN IP Values (selection)
also subject to change. address from a DHCP server, or if a static IP address will be entered.
If a Static IP Address is chosen, the fields that follow must also be DHCP
STATIC addresses must be populated.
tracked (to avoid duplicate Static
use), yet they may be
permanently assigned to a
device. IP Address
If ‘Static’ Connection Type is selected, a valid IPv4 Address for the Values (IP Address)
network being used must be entered in the field. If ‘DHCP’ is chosen
this field will not appear and it will be populated automatically from the (no default)
DHCP server.

© Microhard 39
4.0 Configuration

Netmask
If ‘Static’ Connection Type is selected, the Network Mask must be Values (IP Address)
entered for the Network. If ‘DHCP’ is chosen this field will not appear
and it will be populated automatically from the DHCP server. (no default)

Default Gateway
If the BulletPlusAC is integrated into a network which has a defined Values (IP Address)
gateway, then, as with other hosts on the network, this gateway’s IP
address will be entered into this field. If there is a DHCP server on the (no default)
network, and the Connection Type (see previous page) is selected to
be DHCP, the DHCP server will populate this field with the appropriate
gateway address.

Default Route
The Default Route parameter allows you to set this interface as the Values (selection)
default route in the routing table. This is result in all data being sent to
the WAN interface if there the destination network is not directly No / Yes
connected (LAN, WIFI etc), and no other route has been specified
(4G). In cases where the WAN is the primary connection this would be
set to Yes.

DNS Mode
Select between Manual or Auto for DNS server(s) for the WAN Values (selection)
interface. If set to Auto the BulletPlusAC will try to automatically detect
the DNS servers to use, which is normally the case when the WAN is Manual / Auto
DHCP. Manual required the DNS addresses to be known and entered
below.

Primary DNS
DNS (Domain Name Service) Servers are used to resolve domain Values (IP Address)
names into IP addresses. If set to auto and the Connection Type is set
for DHCP the DHCP server will populate this field and the value set (no default)
can be viewed on the Network > Status page. To add additional static
servers, enter them here.

Secondary DNS
DNS (Domain Name Service) Servers are used to resolve domain Values (IP Address)
names into IP addresses. If set to auto and the Connection Type is set
for DHCP the DHCP server will populate this field and the value set (no default)
can be viewed on the Network > Status page. To add additional static
servers, enter them here.

© Microhard 40
4.0 Configuration

4.2.4 DHCP (MAC Binding)

In some applications it is important that specific devices always have a predetermined IP address. This
menu allows for MAC Address binding to a IP Address, so that whenever the device that has the specified
MAC address, will always get the selected IP address from the DHCP service. In this situation, all attached
(wired or wireless) devices can all be configured for DHCP, but still get a known IP address.

Image 4-2-7: Network > MAC Address Binding

Name
The name field is used to give the device a easily recognizable name. Values (characters)
(no default)

MAC Address
Enter in the MAC address of the device to be bound to a set IP Values (MAC Address)
address. Set the IP Address in the next field. Must use the format:
AB:CD:DF:12:34:D3. It is not case sensitive, but the colons must be (no default)
present.

IP Address
Enter the IP Address to be assign to the device specified by the MAC Values (IP Address)
address above.
(minutes)

Static Addresses
This section displays the IP address and MAC address currently assigned through the DCHP service, that
are bound by it’s MAC address. Also shown is the Name, and the ability to remove the binding by clicking
“Remove _______”.

Active DHCP Leases

This section displays the IP Addresses currently assigned through the DCHP service. Also shown is the
MAC Address, Name and Expiry time of the lease for reference. The ‘Release All’ button terminates all
active leased and requires all connected devices to request new network information (IP/Subnet/etc)

© Microhard 41
4.0 Configuration

4.2.5 Network > DDNS

Unless a carrier issues a Static IP address, it may be desirable to use a Dynamic DNS (DDNS) service to
track dynamic IP changes and automatically update DNS services. This allows the use of a constant
resolvable host name for the BulletPlusAC.

Image 4-2-8: Network > DDNS

DDNS Status
This selection allows the use of a Dynamic Domain Name Server Values (Selection)
(DDNS), for the BulletPlusAC.
Enable
Disable

Network
If the BulletPlusAC is using a wired WAN (ISP) as well as a Cellular Values (Selection)
carrier, specific which will use the DNS service.
Auto
WWAN
WAN

Periodic Update
When the BulletPlusAC powers up and comes online it will report any Values (Selection)
IP Address changes to the selected DNS service. Additionally the
BulletPlusAC can periodically update the service as configured. 5 minutes
15 minutes
Some Dynamic DNS service providers do not allow periodic updates, 60 minutes
or updates for the same IP address. Please review your chosen 4 hours
service providers policy before enabling this feature. 8 hours
24 hours

Service
This is a list of supported Dynamic DNS service providers. Free and Values (selection)
premium services are offered, contact the specific providers for more
information. changeip ovh
dyndns regfish
eurodyndns tzo
Hn Zoneedit
Noip Customized
Ods DMSmadeEasy

© Microhard 42
4.0 Configuration

User Name / Password

Enter a valid user name and password for the DDNS service selected Values (characters)
above.
(none)

Host
This is the host or domain name for the BulletPlusAC as assigned by Values (domain name)
the DDNS provider. Use the provided button to query the server (if
configured correctly) (none)

URL
This field appears when “custom dns” is selected. Values (characters)
How to fill URL: (none)
Use placeholder ${user} for username; ${pwd} for password; ${host}
for hostname; ${ip} for IP address.
eg: http://${user}:${pwd}@exampleddns.com/update?
hostname=${host}&myip=${ip}

© Microhard 43
4.0 Configuration

4.2.6 Network > Routes

Static Routes Configuration

It may be desirable to have devices on different subnets to be able to talk to one another. This can be
accomplished by specifying a static route, telling the BulletPlusAC where to send data.

Image 4-2-9: Network > Routes

Name
Routes can be names for easy reference, or to describe the route Values (characters)
being added.
(no default)

Destination Subnet
Enter the network IP address for the destination subnet. Values (IP Address)
(192.168.168.0)

Gateway
Specify the Gateway used to reach the network specified above. Values (IP Address)
192.168.168.1

Netmask
Enter the Netmask for the destination network. Values (IP Address)
255.255.255.0

© Microhard 44
4.0 Configuration

Metric
In some cases there may be multiple routes to reach a destination. Values (Integer)
The Metric can be set to give certain routes priority, the lower the
metric is, the better the route. The more hops it takes to get to a 255.255.255.0
destination, the higher the metric.

Interface
Define the exit interface. Is the destination a device on the LAN, LAN1 Values (Selection)
(If physical WAN port is bridged as an independent LAN), 3G/4G
(cellular), USB or the WAN? LAN / LAN1 / WAN / Cell / USB
None

© Microhard 45
4.0 Configuration

4.2.7 Network > VRRP

The BulletPlusAC when paired with other VRRP enabled devices (another BulletPlusAC or compatible
devices) can provide redundant internet access for LAN devices by using VRRP (Virtual Router
Redundancy Protocol) as illustrated below. If a connected device needs to access the internet it will use
whichever virtual router has the highest priority, if that device is not available the next router with the higher
priority will router the traffic.

Internet

BulletPlusAC VRRP Router

LAN: 192.168.220.11 LAN: 192.168.220.12

Virtual Router IP:

192.168.220.211

PC/LAN Device
LAN: 192.168.220.50
Gateway: 192.168.220.211
Switch

Image 4-2-10: Network > VRRP

VRRP Status
Enable or disable the VRRP service on the BulletPlusAC. To change Values (Selection)
settings the VRRP service must be disabled (then submitted) and then
re-enabled. Enable / Disable

Virtual Router IP
This is the IP Address of the virtual router, this must be the same on all Values
devices participating in VRRP. This is the IP that any attached LAN
PC/device would use as its default gateway. 192.168.220.211

© Microhard 46
4.0 Configuration

Virtual Router ID
This is the Router ID. Each router/ participating in VRRP should have Values
a router ID to distinguish between them.
2

Router Priority
This is the Router priority. This number to assigned to each router to Values
determine which router(s) will be used first or as the primary. The
higher the ID, the higher the priority. 150

4.2.8 Network > Ports

The Network > Ports menu can be used to determine the characteristics of the physical Ethernet interfaces
on the BulletPlusAC. As seen below the Mode (Auto/Manual), Auto-Negotiation, Speed (10/100Mbit/s) and
the Duplex (Full/Half) can all be configured on the BulletPlusAC.

Image 4-2-11: Network > Ports

© Microhard 47
4.0 Configuration

4.2.9 Network > Bandwidth

The BulletPlusAC features Bandwidth Throttling, which allows the upload/download of connected
networks/users data speeds to be limited to a specified value. Network Bandwidth Throttling can be
implemented by each physical Ethernet interface as seen in the image below.

Image 4-2-12: Network > Bandwidth Throttling

Rule Name
The rule name is used as a reference to be able to help identify which Values (chars)
interface or network is attached to the affected network interface.
rule1

Network
Select the physical interface to be affected by the Bandwidth Throttling Values (selection)
as defined below.
(varies)

Upload Bandwidth Enable

Enable or disable uploading on the specified interface. This prevent Values (selection)
data from being uploaded to a server. (i.e uploading/sending videos or
other files to a server). Enable / Disable

Upload Bandwidth
Set the data limit (speed) for file uploads if uploads have been allowed Values (kbps)
using the Upload Bandwidth Enable.
10000

© Microhard 48
4.0 Configuration

Download Bandwidth Enable

Enable or disable downloading on the specified interface. This prevent Values (chars)
data from being downloaded from a server. (i.e downloading files,
internet browsing etc). Enable / Disable

Download Bandwidth
Set the data limit (speed) for file downloads if downloads have been Values (kbps)
allowed using the Download Bandwidth Enable.
30000

4.2.10 Network > Device List

The Network > Device List shows the current ARP table for the network adapters. The MAC address and
IP address are shown, however not only DHCP assigned devices are listed in the device list, any devices,
even those statically assigned, that are connected through the local network interface (RJ45) are
displayed, including those connected through a hub or switch.

Image 4-2-13: Network > Device List

© Microhard 49
4.0 Configuration

4.2.11 Network > Cloud Filter

The BulletPlusAC provides Cloud based content filtering and security using the third-party service by Open
DNS. OpenDNS is a service which offers free or premium DNS services with added security, phishing
protection and optional, advanced content filtering. To get started with OpenDNS an account must first be
created and activated with OpenDNS by visiting their website.

Image 4-2-14: Network > Cloud Filtering

OpenDNS Cloud Filter

Enable or Disable the OpenDNS cloud based filtering & security. Values (selection)
Enable / Disable

Disable Bypassing OpenDNS

If enabled all clients connected through the BulletPlusAC will be forced Values (selection)
to use OpenDNS and is subject to any and all content filtering and
security, to prevent circumvention. Enable / Disable

Status
When Cloud Filter is enabled, this status will be refreshed every 30 Values (selection)
seconds, showing the OpenDNS status. For OpenDNS to be active,
the status must be green and show "Connected to OpenDNS". Enable / Disable

User Name / Password

Enter the user name and password for the OpenDNS account that was Values (selection)
specified during registration and setup of the service.
Enable / Disable

© Microhard 50
4.0 Configuration

4.2.12 Network > Webfilter

The BulletPlusAC can provide comprehensive content filtering, limiting access to specific websites and
other content. By MAC Address, the BulletPlusAC allows content to be filtering regardless of the assigned
IP address. Filtering can also be applied on a entire network, limiting access to any connected device.

Image 4-2-15: Network > Web Filtering

Webfilter Status
Enable or Disable the Webfilter of the BulletPlusAC. Values (selection)
Enable / Disable

Filter HTTPS
Check Filter HTTPS will redirect all port 443 traffic into the webfilter. Values (selection)
(Please make sure system DNS works.)
Enable / Disable

© Microhard 51
4.0 Configuration

MAC Address Webfilter Default Setting

Default setting can be used for MAC addresses where all addresses Values
may be allowed (Allow) with a few exceptions, or where all addresses
are block (Deny), with a few exceptions. 00:00:00:00:00:00 Allow
After a Default rule has been applied, exceptions can be added by
adding MAC Webfilter Rules.

MAC Webfilter Rules

Add MAC Webfilter rules to apply filtering. If a default rule has been Values
added these rules can be used to specify exceptions. MAC Webfilter
Rules can also be applied to limit access to just one or a few websites Mac1
by simply adding the to the MAC Webfilter list without using a default 00:00:00:00:00:00
rule. Company.com
Deny
Name: Add a name for the MAC Webfilter Rule. 50
Enabled
MAC Address: Enter the MAC Address to apply rule to.

Domain/URL/IP: Enter the Domain Name or URL of the website control access for, i.e.
www.company.com. To ensure the full domain is blocked, enter the most inclusive domain, i.e.
.company.com will block www.company.com and images.company.com and videos.company.com.
Alternatively you can use an IP address or address range written in CIDR notation, i.e. 8.8.8.0/24.

Action: Specify if the rule Allows access or Denies access to the specified address.

Rule Priority: The Rule Priority is used to determine the order rules are evaluated. Higher priority rules
(bigger number) are evaluated first and the first one to match has its assigned action taken."

Enabled: Enable or Disable the MAC Webfilter rule.

MAC Address Webfilter Default Setting

When a network is set to Allow (Blacklist) it will allow access to all sites Values (selection)
not blocked in the Filter Rules. Selecting Deny (Whitelist) will only
allow access to websites with an Allow action in the Filter rules, all Allow / Deny
other sites will be blocked.

MAC Webfilter Rules

Add Network Webfilter Rules to allow or deny access to specified Values
content. The Network rules work with the Network Webfilter Default
Settings. net1
LAN
Name: Add a name for the MAC Webfilter Rule. Company.com
Deny
Network: Select the local network for which the rule applies. 50
Enabled
Domain/URL/IP: See description in MAC Filtering Rules above.

Action: See description in MAC Filtering Rules above.

Rule Priority: See description in MAC Filtering Rules above.

Enabled: Enable or Disable the Network Webfilter rule.

© Microhard 52
4.0 Configuration

4.2.13 Network > LoadBalancer

The LoadBalancer allows for the configuration of load balancing and failover features of the BulletPlusAC.

Image 4-2-16: Network > LoadBalancer

Load Balance Enable

Enable or disable the Load Balancing Feature of the BulletPlusAC. Values (selection)
Enable / Disable

Include WWAN in LoadBalancing

By default (when enabled) the BulletPlusAC will apply load balancing Values (checkbox)
to the wired WAN port(s). Check this box to include the WWAN
(Cellular) connection. Enable / Disable

Default Route Gateway

This field displays the current default route used by the WWAN. Values (address)
(varies)

© Microhard 53
4.0 Configuration

Remote Check IPs

Enter up to two(2) reliable , reachable IP addressed to use to verify Values (address(s))
connectivity. The default are the DNS servers for OpenDNS.
208.67.220.220
208.67.222.222

Failover Priority
For Failover priority, the interface with the lower number will have Values (selection)
priority over the interfaces with a higher number.
10

Weight of the channel

Specify the weight of channel to determine load balancing between Values (number)
interfaces. In the case where interfaces have the same weight value,
the modem will distribute data equally between them. (varies)

© Microhard 54
4.0 Configuration

4.3 IPv6

4.3.1 IPv6 > Status

The IPv6 Status window provides complete overview information related to the IPv6 portion of the
BulletPlusAC. A variety of information can be found here, such as Network Status for interfaces
configured for IPv6. Information about the IPv6 DNS services, active DHCPv6 Leases and the current IPv6
Routing Table can all be found on the IPv6 > Status window.

Image 4-3-1: IPv6 > Status

© Microhard 55
4.0 Configuration

4.3.2 IPv6 > Setup

The IPv6 setup windows provides the options required to setup IPv6 on the BulletPlusAC on the Wan and
LAN interfaces.

Image 4-3-2: IPv6 > Setup

WAN6: Upstream Configuration

Physical interface of WAN6

Select the physical interface of WAN6. Values (Selection)
@wan1 (Wired WAN1)
@wan2 (Wired WAN2)
@wifi (WIFI)
@wwan (Carrier)

© Microhard 56
4.0 Configuration

Status of physical interface

Displays the current status of the physical interface chosen for IPv6. Values (Read Only)
(varies)

WAN6 Connection Method

Select how and in what format the WAN6 interface defines the Values (Selection)
connection information.
DHCPv6 Client
Static Address
IPv6-IPv4 (RFC4213)
IPv6-over-IPv4 (6to4)

Local IPv6 Address for WAN6

When the WAN6 Connection Method is set to Static Address, here is Values (Address)
where the local WAN6 IP Address is defined.
(no default)

IPv6 Gateway
When the WAN6 Connection Method is set to Static Address, here is Values (Address)
where the IPv6 Gateway is defined.
(no default)

IPv6 routed prefix for downstream

Prefix address for distribution to LAN downstream interface. Values (Address)
(no default)

Primary Custom DNS Server

When the WAN6 Connection Method is set to Static Address, enter the Values (Address)
address for the primary custom DNS server.
(no default)

Secondary Custom DNS Server

When the WAN6 Connection Method is set to Static Address, Enter Values (Address)
the address for the secondary custom DNS server.
(no default)

© Microhard 57
4.0 Configuration

Router Advertisement-Service
When the WAN6 Connection Method is set to Static Address, select Values (Selection)
the Router Advertisement-Service.
Disabled
Relay Mode
Hybrid Mode

DHCPv6-Service
When the WAN6 Connection Method is set to Static Address, select Values (Selection)
the DHCPv6-Service.
Disabled
Relay Mode
Hybrid Mode

NDP-Proxy
When the WAN6 Connection Method is set to Static Address, select Values (Selection)
the NDP-Proxy.
Disabled
Relay Mode
Hybrid Mode

Master interface in relay mode

When the WAN6 Connection Method is set to Static Address, specifies Values (Selection)
whether DHCPv6, RA and NDP in relay mode is a master interface or
not. No / Yes

Remote IPv4 Address

When WAN6 Connection Method is set for IPv6-in-IPv4 mode, enter Values (address)
the remote IPv4 address here.
(no default)

Local IPv6 Address

When WAN6 Connection Method is set for IPv6-in-IPv4 mode, enter Values (address)
the local IPv6 address here.
(no default)

IPv6 routed prefix

When WAN6 Connection Method is set for IPv6-in-IPv4 mode, enter Values (address)
the IPv6 routed prefix here.
(no default)

© Microhard 58
4.0 Configuration

Tunnel ID
When WAN6 Connection Method is set for IPv6-in-IPv4 mode, enter Values
the Tunnel ID here.
(no default)

Username / Password
When WAN6 Connection Method is set for IPv6-in-IPv4 mode, enter Values
the username and password here.
(no default)

Local IPv4 Public Address

When WAN6 Connection Method is set for IPv6-over-IPv4 (6to4) enter Values (Address)
the local IPv4 public address here.
(no default)

LAN : Downstream Configuration

Router Advertisement-Service
Select the Router Advertisement-Service for the LAN. Values (Selection)
Disabled
Server Mode
Relay Mode
Hybrid Mode

DHCPv6-Service
Select the DHCPv6-Service mode for the LAN. Values (Selection)
Disabled
Server Mode
Relay Mode
Hybrid Mode

NDP-Proxy
Select the NDP-Proxy mode for the LAN. Values (Selection)
Disabled
Relay Mode
Hybrid Mode

© Microhard 59
4.0 Configuration

DHCPv6-mode
Set the DHCPv6-mode for IPv6 on the LAN. Values (Selection)
Stateless
Stateless + Stateful
Stateful-only

DHCPv6 Lease Time

Set the DHCPv6 lease time in minutes. The is the amount of time that Values (minutes)
an assigned IP address that is issued via DHCP services is valid.
(Minimum 2 minutes) 720

RA Override default route

Set the RA (Router Advertisements) Override for the default route. Values (Selection)
Default
Ignore no public address
Ignore all

Primary Announced DNS server

Set the announced primary DNS server details here. Values (Address)
(No default)

Secondary Announced DNS server

Set the announced secondary DNS server details here. Values (Address)
(No default)

IPv6 assignment length

Prefix size used for assigned prefix to the interface. For example 64 Values (length)
will assign /64-prefixes.
64

IPv6 assignment hint

Hexadecimal subprefix ID for this interface. For example 1234 with an Values
assignment length of 64 will assign prefixes of the form :1234::/64

© Microhard 60
4.0 Configuration

Local IPv6 address of LAN

You can input your own IPv6 address here but this is usually not Values (Selection)
needed because IPv6 address for the LAN is passed through from the
WAN side. Stateless
Stateless + Stateful
Stateful-only

Global Network Options

IPv6 ULA-prefix
Modify the IPv6 ULA-prefix here. Values (Selection)
Fd80:2d08:3ffo::/48

© Microhard 61
4.0 Configuration

4.3.3 IPv6 > Firewall6

The IPv6 Firewall6 window allows the configuration of the firewall on the interfaces that are setup for IPv6.
The current Firewall for IPv6 can be viewed, changed and enabled/disabled under the Traffic Rules Status
summary of all current firewall rules.

Image 4-3-3: IPv6 > Firewall6

Traffic Rules Configuration

Rule Name
The rule name is simply a text identifier to label the corresponding rule Values (Characters)
for reference.
(varies)

© Microhard 62
4.0 Configuration

Action
The Action is used to define how the rule handles the connection Values (Selection)
request.
Accept
ACCEPT will allow a connection, while REJECT (error) and DROP Drop
(quietly dropped), will refuse connections. Reject

Address family
Select if the rule applies only to IPv6 or it should also be applied to Values (Selection)
IPv4.
IPv6 only
Both IPv4 and IPv6

Protocol
The protocol field defines the transport protocol type controlled by the Values (Selection)
rule.
TCP
UDP
TCP+UDP
ICMP
IPSEC-ESP
IPSEC-AH
Protocol 41
ALL

Enable
Enables the specified IPv6 Firewall Rule. Values (Checkbox)
Checked

Source Zone
Specify the source zone/interface. Values (Selection)
lan zone (Covered networks: LAN)
wan2 zone (Covered networks: WAN2WAN6)
wifi zone (Covered networks: WIFI)
wwan zone (Covered networks: WWAN)
any zone
none

Source Port
Specify the source port(s). Multiple ports can be specified as 80 443 Values (Port)
465. Port range can be specified as 100:200 format.
(no default)

© Microhard 63
4.0 Configuration

Destination Zone
Specify the destination zone/interface. Values (Selection)
lan zone (Covered networks: LAN)
wan2 zone (Covered networks: WAN2WAN6)
wifi zone (Covered networks: WIFI)
wwan zone (Covered networks: WWAN)
any zone
none
this device (input)

Destination Port
Specify the destination port(s). Multiple ports can be specified as 80 Values (Port)
443 465. Port range can be specified as 100:200 format.
(no default)

© Microhard 64
4.0 Configuration

4.3.4 IPv6 > OpenVPN6

The BulletPlusAC supports OpenVPN6 Server and Client over IPv6. The section below describes the
parameters available for OpenVPN6 Server.

OpenVPN6 Server

Image 4-3-4: IPv6 > OpenVPN6 Server

OpenVPN Mode
Enable/Disable the OpenVPN Mode by selecting the mode to operate in, Values (selection)
Client or Server. When the Server is enabled it will be listening for incoming
connection requests from OpenVPN Clients. Client / Server / Disable

© Microhard 65
4.0 Configuration

Server Bridge Mode

In Server Bridge Mode the BulletPlusAC logically merges all Ethernet Values (checkbox)
networks, at both ends of the tunnel, as if they were a single Ethernet
subnet. unchecked

Tun-ipv6
Select to indicate this is a IPv6 tunnel. Values (checkbox)
checked

Server-ipv6
Enter the server-ipv6. Values
(no default)

Port
The TCP/UDP port which the server is listening on. Default is 1194 Values (port)
1194

Tunnel Protocol
Select the Tunnel Protocol to be used. The options are TCP and UDP, the Values (selection)
default is UDP.
TCP / UDP / TCP6 / UDP6

MSSFIX/Fragment size
The maximum resulting UDP send packet size after the OpenVPN has Values (size)
fully encapsulated data. Packets exceeding this max value will be
fragmented. 1370

Root Certificate
The root certificate file (CA file) that all the server and clients must have in Values (chars)
common.
ca.crt

Public Server Certificate

The Public Server Certificate which is the certificate file that resides on only Values (chars)
the server.
server.crt

© Microhard 66
4.0 Configuration

Private Server Key

The private Server Key, which should not be disclosed. Values (chars)
server.key

TLS Auth Key

The server and each client must have a copy of this key to do TLS Values (chars)
authentication.
(no default)

Diffie hellman parameter

Select between 1024 bit and 2048 bit Diffie Hellman keys for security. Values (selection)
DH2048 / DH1024

User/Password Authenication
Select the OpenVPN username as setup/defined in the VPN Users menu. Values (selection)
(no default)

Bridge Gateway IP Address

When set to Server Bridge Mode, the Bridge Gateway IP Address must be Values (IP Address)
specified.
(No default)

Bridge IP Address Range / Netmask

Specify the IP Address Range and Netmask that is used when the Values (IP Address)
OpenVPN Server is set to Server Bridge Mode.
(No default)

Server Virtual Subnet / Subnet Mask

The subnet and subnet mask that the server will create to assign address Values (IP Address)
to itself and the clients.
10.8.0.0

Push DNS to Client

If enabled (Auto) the server will push its DNS server information to the Values (selection)
client. Manual allows the DNS information to be manually entered.
NO / Auto / Manual

© Microhard 67
4.0 Configuration

Client Isolation
When select yes, the clients will not see each other. Select no, it will allow Values (selection)
different clients to be able to "see" each other. By default, clients will only
see the server. No / Yes

Keep Alive Ping Interval

The keep alive directive causes ping-like messages to be sent back and Values (seconds)
forth over the link so that each side knows when the other side has gone
down. Default 10 seconds. 10

Keep Alive Ping Period

Default 120 seconds. Ping every 10 seconds, assume that remote peer is Values (seconds)
down if no ping received during a 120 second time period. (must be at least
twice the interval specified above) 120

Cipher
Select a cryptographic cipher. Must be the same on Server and Client. Values (selection)
DES-CBC CAST5-CBC
RC2-CBC RC2-64-CBC
DES-EDE-CBC AES-128-CBC
DES-EDE3-CBC AES-192-CBC
DESX-CBC AES-256-CBC
BF-CBC SEED-CBC
RC2-40-CBC NONE

Use LZO Compression

Enable/Disable LZO compression on the VPN link. Lempel–Ziv– Values (selection)
Oberhumer (LZO) is a lossless data compression algorithm.
Enable / Disable

OpenVPN Server Network Settings

OpenVPN supports multiple subnet behind the server/client. In order for the Values (selection)
vpn connection to reach the subnet behind, each subnet must be specified
for the data to be routed correctly. (no default)

© Microhard 68
4.0 Configuration

OpenVPN6 Client

The BulletPlusAC supports OpenVPN6 and can be configured as a Server or a Client. This section outlines
the configuration of a OpenVPN6 Client.

Image 4-3-5: IPv6 > OpenVPN6 Client

OpenVPN Mode
Enable/Disable the OpenVPN Mode by selecting the mode to operate in, Values (selection)
Client or Server. When the Server is enabled it will be listening for incoming
connection requests from OpenVPN Clients. Client / Server / Disable

Client Bridge Mode

Select the box to enable Client Bridge Mode. Values (selection)
(unchecked)

Pseudowire Mode
When Client Bridge Mode is selected the option to enable Pseudowire Values (selection)
Mode is made available.
(unchecked)

tun-ipv6
Select the if this is a IPv6 tunnel. Values (checkbox)
(checked)

© Microhard 69
4.0 Configuration

Tunnel Protocol
Select the Tunnel Protocol to be used. If the server IP below is and IPv6 Values (selection)
address TCP6 or UDP6 should be used, if it is a IPv4 address use TCP or
UDP. TCP / UDP / TCP6 / UDP6

MSSFIX/Fragment size
The maximum resulting UDP send packet size after the OpenVPN has Values (size)
fully encapsulated data. Packets exceeding this max value will be
fragmented. 1370

Server IP/Port
The IP Address and TCP/UDP port which the server is located. This is Values (IP/Port)
generally the Public IP Address of the router/modem where the Server is
running. (no default)

Root Certificate
The root certificate file (CA file) that all the server and clients must have in Values (chars)
common.
ca.crt

Cleint Certificate
The Client Certificate which is the certificate file that resides on only the Values (chars)
client.
client.crt

Client Key
The private Client Key, which should not be disclosed. Values (chars)
client.key

TLS Auth Key

The server and each client must have a copy of this key to do TLS Values (chars)
authentication.
(no default)

© Microhard 70
4.0 Configuration

Cipher
Select a cryptographic cipher. Must be the same on Server and Values (selection)
Client.
DES-CBC RC2-64-CBC
RC2-CBC AES-128-CBC
DES-EDE-CBC AES-192-CBC
DES-EDE3-CBC AES-256-CBC
DESX-CBC SEED-CBC
BF-CBC NONE
RC2-40-CBC
CAST5-CBC

Use LZO Compression

Enable/Disable LZO compression on the VPN link. Lempel–Ziv– Values (selection)
Oberhumer (LZO) is a lossless data compression algorithm.
Enable / Disable

© Microhard 71
4.0 Configuration

4.3.5 IPv6 > Route6

It may be desirable to have devices on different subnets to be able to talk to one another. This can be
accomplished by specifying a static route, telling the BulletPlusAC where to send data.

Image 4-3-6: IPv6 > Route6

Target
Enter the target IPv6 address or network CIDR. Values (IP Address)
(no default)

IPv6-Gateway
Specify the IPv6 Gateway used to reach the network specified above. Values (IP Address)
(no default)

Metric
Enter the metric for the static route. Values
0

Interface
Select the interface to which to send the data intended for the target Values (selection)
specified.
LAN
WAN1
WAN2
WIFI
WWAN
wwan1
wwan2
none

© Microhard 72
4.0 Configuration

4.4 WWAN

4.4.1 WWAN > Status

The WWAN Status window provides complete overview information related to the Cellular Carrier portion
of the BulletPlusAC. A variety of information can be found here, such as Activity Status, Network (Name
of Wireless Carrier connected), Data Service Type (WCDMA/HSPA/HSPA+/LTE etc), Frequency band,
Phone Number etc.

Image 4-4-1: WWAN > Status

Not all statistics parameters displayed are applicable.

The Received and Transmitted bytes and packets indicate the respective amount of data which has been
moved through the radio.

The Error counts reflect those having occurred on the wireless link.

© Microhard 73
4.0 Configuration

4.4.2 WWAN > Settings

The parameters within the WWAN Configuration menu must be input properly; they are the most basic
requirement required by your cellular provider for network connectivity. The BulletPlusAC can support dual
SIM cards, as described below either slot can be specified as the primary slot and if a connectivity issue
occurs, the unit can be configured to automatically switch to the alternate SIM card.

Image 4-4-2: WWAN > Settings

Carrier Status
Carrier Status is used to Enable or Disable the connection to the Values (Selection)
Cellular Carrier. By default this option is enabled.
Enable / Disable

Connectivity Management
While in Mobile mode the BulletPlusAC will try to retain network Values
services to minimize no coverage areas. When set to Off the
BulletPlusAC will quickly re-scan and reconnect for fixed network Auto
coverage and auto is somewhere between Mobile and Off. Mobile
Off

MTU Size
Allows a user to specify the MTU size for custom applications. In most Values
cases this will be left blank and the system will determine the best
value. (blank)

© Microhard 74
4.0 Configuration

MTU Size (500~1500/Blank)

Use this field to adjust the MTU (maximum transmission unit), it is Values
recommended to leave blank for most applications. If you are not sure
leave this blank and let the BulletPlusAC decide automatically. (Blank)

SIM Selection
The BulletPlusAC supports one or two SIM cards to be installed. By Values (Selection)
default the primary SIM is the bottom SIM slot, and the unit will try to
connect using SIM1 first, and then if it fails to connect, or loses Dual SIM Cards
connection to a valid carrier, it will then attempt SIM2. SIM Card-1 Only
SIM Card-2 Only

Dual Cards Management

Primary Slot
By default the Primary SIM is the SIM installed into the SIM1 slot on Values (Selection)
the unit. The SIM card installed into the Primary slot will be the Cellular
Carrier in which the BulletPlusAC will attempt to make a connection SIM Card-1
with. This can be modified here. SIM Card-2

Dual Usage Balance Mode

This option is only valid when using dual SIM cards. If enabled the Values (Selection)
BulletPlusAC will switch from the primary SIM to the alternate once the
defined data usage is exceeded. The data usage start date is defined Disable
under the DataUsage tab. Enable
If enabled, set the Primary Monthly Limitation in MB.

SIM Card-1/2 Settings

Data Roaming
This feature allows the disabling or enable of data roaming. When data Values (Selection)
roaming is enabled the modem will be allowed to use data when in
roaming status. It is not recommended to allow roaming unless the Enable / Disable
appropriate data plans are in place.

Carrier Operator
In some cases, a user may want to lock onto a certain carrier. There Values (Selection)
are four options to choose from: Auto, SIM based, Manual and Fixed.
Auto
• Auto will allow the unit to pick the carrier automatically. Data roaming is Based on SIM
permitted.
• SIM based will only allow the unit to connect to the network indicated by the Manual
SIM card used in the unit. Fixed
• Manual will scan for available carriers and allow a user to select from the
available carriers. It takes 2 to 3 minutes to complete a scan.
• Fixed allows a user to enter the carrier code (numerical) directly and then the
unit will only connect to that carrier.

© Microhard 75
4.0 Configuration

Technologies Mode
Select the valid types of Carrier connections allowed. For example if Values (Selection)
set to auto the BulletPlusAC will connect to any data type. If set to
WCDMA only, the BulletPlusAC will only allow connections to WCDMA AUTO
related technologies, for band restrictions select the advanced button. WCDMA, LTE, GSM
GSM Only
WCDMA Only
LTE Only
WCDMA, GSM
LTE,WCDMA
WCDMA, LTE
LTE, GSM

APN (Access Point Name)

The APN is required by every Carrier in order to connect to their Values (characters)
networks. The APN defines the type of network the Bullet is connected
to and the service type. Most Carriers have more than one APN, auto
usually many, dependent on the types of service offered.

Auto APN (default) may allow the unit to quickly connect to a carrier, by cycling through a predetermined
list of common APN’s. Auto APN will not work for private APN’s or for all carriers.

SIM Type
If the BulletPlusAC is to connect to Verizon this box must be checked Values (checkbox)
(and a valid Verizon SIM card must be installed).
Verizon SIM Card (unchecked)

Advanced+

SIM Pin
The SIM Pin is required for some international carriers. If supplied and Values (characters)
required by the cellular carrier, enter the SIM Pin here.
(none)

Authentication
Sets the authentication type required to negotiate with peer. Values (Selection)
PAP - Password Authentication Protocol. Device decide (AUTO)
CHAP - Challenge Handshake Authentication Protocol. PAP
CHAP
Only required if the carrier requires a User Name and Password. No Auth

© Microhard 76
4.0 Configuration

User Name
A User Name may be required for authentication to a remote peer. Values (characters)
Although usually not required for dynamically assigned IP addresses
from the wireless carrier. Varies by carrier. Carrier/peer dependant

Password
Enter the password for the user name above. May not be required by Values (characters)
some carriers, or APN’s
Carrier/peer dependant

Network+

PDP Type
IPv6 support is related to the BulletPlusAC’s configuration and carrier Values (selection)
network.
IPV4 and IPV6
IP

IP Address
In some cases the Static IP address must be entered in this field if Values (IP Address)
assigned by a wireless carrier. In most cases the IP will be read from
the SIM card and this field should be left at the default value. (none)

Use Remote DNS

If enabled the Bullet with use the DNS server as specified Values (selection)
automatically by the service provider.
Enable / Disable

Default Route
Use this interface as the default route for all outbound traffic unless Values (Selection)
specified in the Network > Routes table.
Yes / No

DNS-Passthrough
When enabled DNS-Passthrough will pass on the WAN assigned DNS Values (Selection)
information to the end device.
Enable / Disable

DNS-Passthrough
When enabled DNS-Passthrough will pass on the WAN assigned DNS Values (Selection)
information to the end device.
Enable / Disable

© Microhard 77
4.0 Configuration

4.4.3 WWAN > SMS

SMS Command History

The SMS menu allows a user to view the SMS Command History and view the SMS messages on the SIM
Card.

Image 4-4-3: SMS > SMS Command History

4.4.4 WWAN > SMS Config

SMS messages can be used to remotely reboot or trigger events in the BulletPlusAC. SMS alerts can be
set up to get SMS messages based on system events such as Roaming status, RSSI, Ethernet Link
Status or IO Status.

System SMS Command

Image 4-4-4: SMS > SMS Configuration

© Microhard 78
4.0 Configuration

Status
This option allows a user to enable or disable to use of the following Values (Selection)
SMS commands to reboot or trigger events in the BulletPlusAC:
Enable / Disable

MSC#REBOOT Reboot system MSC#EURD0 trigger event report0

MSC#NMS Send NMS UDP Report MSC#EURD1 trigger event report1
MSC#WEB Send web client inquiry MSC#EURD2 trigger event report2
MSC#MIOP1 open I/O ouput1 MSC#EURD3 trigger event report3
MSC#MIOP2 open I/O ouput2 MSC#GPSR0 trigger gps report0
MSC#MIOC1 close I/O ouput1 MSC#GPSR1 trigger gps report1
MSC#MIOC2 close I/O ouput2 MSC#GPSR2 trigger gps report2
MSC#GPSR3 trigger gps report3

Set Phone Filter

If enabled, the BulletPlusAC will only accept and execute commands Values (Selection)
originating from the phone numbers in the Phone Filter List. Up to 6
numbers can be added. Enable / Disable

System SMS Forward

Image 4-4-5: SMS > System SMS Forward

Status
SMS Messages received by the BulletPlusAC can be forwarded to Values (Selection)
another number. Messages can be saved or deleted from the SIM
after forwarding. Disable / Enable

Forward Phone Number

Enter the number where SMS messages received by the BulletPlusAC Values (Selection)
will be forwarded.
(no default)

Matched Sender / Matched Prefix

Use the Matched Sender and Matched Prefix to filter messages to be Values (characters)
forwarded. Matched sender allows only messages received from
certain number(s). Matched prefix only passes on messages that (no default)
match a specific prefix (first part of message).

© Microhard 79
4.0 Configuration

System SMS Alerts

Image 4-4-6: SMS > SMS Alerts

Status
Enable SMS Alerts. IF enabled SMS alerts will be send when Values (Selection)
conditions are met as configured to the phone numbers listed.
Enable / Disable

Received Phone Numbers

SMS Alerts can be sent to up to 6 different phone numbers that are Values (Selection)
listed here.
(no default)

Time Interval(s)
SMS alerts, when active, will be sent out at the frequency defined Values (Seconds)
here.
300

© Microhard 80
4.0 Configuration

Device Alias
The device Alias is text that is sent with the SMS message to provide Values (30 chars)
additional information or help identify the source of the SMS alert.
UserDevice

RSSI Check
Enable or disable the RSSI alerts. Values (Selection)
Disable RSSI check
Enable RSSI check

Low Threshold (dBm)

Set the threshold for RSSI alerts. When the signal strength drops Values (dBm)
below this threshold, an SMS alert will be sent to the number(s)
specified. -99

Carrier Network
Enable or disable SMS Alerts for Roaming Status. Values (Selection)
Disable Roaming Check
Enable Roaming Check

Home / Roaming Status

The BulletPlusAC can send alerts based on the roaming status. Data Values (Selection)
rates during roaming can be expensive and it is important to know
when a device has started roaming. In Roaming
Changed or In Roaming
Changed to Roaming

Ethernet
Enable or disable SMS Alerts for the Ethernet Link status of the LAN Values (Selection)
RJ45 port.
Disable Ethernet check
Enable Ethernet check

Ethernet Link Status

The status of the Ethernet Link of the LAN (RJ45) can be used to send Values (Selection)
SMS Alerts. The link status may indicate an issue with the connected
device. Changed
In no-link
Changed or in no-link
Changed to no-link

© Microhard 81
4.0 Configuration

I/O Status
SMS Alerts can be sent based on the state changes of the Digital I/O Values (Selection)
lines. Aliases (Text Names) can be set for each I/O to help identify
which I/O is triggering the SMS alert. Disable IO Check
Enable: INPUT Changed
Enable: Output Changed
Enable: INPUT or OUTPUT
Changed.

Low Voltage Check

Send a SMS alert when the supply voltage falls below a specified Values (Voltage)
value. The recovery threshold is the value the supply must return to, to
stop outgoing SMS alerts being set at the specific Time Interval. Low Threshold: 11 V
Recovery Threshold: 12.0 V

© Microhard 82
4.0 Configuration

4.4.5 WWAN > Data Usage

The Data Usage tool on the BulletPlusAC allows users to monitor the amount of cellular data consumed.
Since cellular devices are generally billed based on the amount of data used, alerts can be triggered by
setting daily and/or monthly limits. Notifications can be sent using SMS or Email, allowing a early warning if
configurable limits are about to be exceeded. The usage data reported by the Data Usage Monitor may not
match the data reported by the carrier, but it gives the users an idea of the bandwidth consumed by the
BulletPlusAC.

Image 4-4-7: WWAN > Data Usage

Status
If enabled the BulletPlusAC will track the amount of cellular data Values (selection)
consumed. If disabled, data is not recorded, even in the Current Data
Usage display.
Disable
Enable

© Microhard 83
4.0 Configuration

Monthly/Daily Over Limit

Select the notification method used to send alerts when daily or monthly Values (selection)
thresholds are exceeded. If none is selected, notifications will not be sent,
but data usage will be recorded for reference purposes.
None
Send Notice SMS
Send Notice Email
Both SMS & Email

Image 4-4-8: Data Usage > SMS Config

Monthly/Daily Data Unit

Select the data unit to be used for data usage monitoring. Values (selection)
Bytes / K Bytes / M Bytes
G Bytes

Data Limit
Select the data limit for the day or month, used in connection with the data Values (1-65535)
unit is the previous field. If you want to set the limit to 250 Mbytes, select M
Bytes for the data unit, and 250 for the data limit.
500

Period Start Day

For Monthly tracking, select the day the billing/data cycles begins. On this Values (1-31)
day each month the BulletPlusAC will reset the data usage monitor
numbers.
1 (Day of Month)

Additional Notice 1/2

Up to two (2) additional notices can be sent based on a percentage (10- Values (10-500%)
500%) of the threshold value.
(none)

Phone Number
If SMS is selected as the notification method, enter the phone number to Values (phone)
send any SMS messages generated when the data usage exceeds the
configured limits.
+1403

© Microhard 84
4.0 Configuration

Image 4-4-9: Data Usage > Email Config

Mail Subject
If Email is selected as the notification method, enter the desired email Values (string)
subject line for the notification email sent when daily and/or monthly usage
limits are exceeded. Daily/Monthly Data Usage
Notice

Mail Server(IP/Name)
If Email is selected as the notification method, enter the SMTP server Values (xxx:port)
details for the account used to send the Email notifications. Domain or IP
address with the associated port as shown.
smtp.gmail.com:465

Username
If Email is selected as the notification method, enter the username of the Values (username)
Email account used to send Emails.
@gmail.com

Password
If Email is selected as the notification method, enter the password of the Values (string)
Email account used to send Emails. Most email servers require
authentication on outgoing emails.
***

Authentication
If Email is selected as the notification method, enter the password of the Values (selection)
Email account used to send Emails. Most email servers require
authentication on outgoing emails.
None
SSL/TLS
STARTTLS
SSL/TLS + STARTTLS

Mail Recipient
Enter the email address of the individual or distribution list to send the Values ([email protected])
email notification to.
host@

© Microhard 85
4.0 Configuration

Data Usage History

The BulletPlusAC provides a Odometer that shows the total data used by the BulletPlusAC. You can also
click on the More link to get a data usage history summary as seen below.

Image 4-4-10: Data Usage > Data Usage Odometer

© Microhard 86
4.0 Configuration

4.5 Wireless (WiFi)

4.5.1 Wireless > Status

The Status window gives a summary of all radio or wireless related settings and connections.

The General Status section shows the Wireless MAC address of the current radio, the Operating Mode
(Access Point, Client), the SSID being used, frequency channel information and the type of security used.

Traffic Status shows statistics about the transmitted and received data.

Image 4-5-1: Wireless > Status

© Microhard 87
4.0 Configuration

4.5.2 Wireless > Radio1

Radio1 Phy Configuration

The top section of the Wireless Configuration allows for the configuration of the physical radio module. You
can turn the radio on or off, and select the channel bandwidth and frequency as seen below.

Image 4-5-2: Wireless > Radio Configuration

Radio
This option is used to turn the radio module on or off. If turned off Values (selection)
Wireless connections can not be made. The default is Off.
On / Off

Mode
The Mode defines which wireless standard to use for the wireless Values (selection)
network. The BulletPlusAC supports 802.11a/b/g/n/ac modes as seen
here. Select the appropriate operating mode from the list. 802.11B ONLY
802.11BG
The options below are dependent and vary on the operating mode 802.11NG
chosen here. 802.11A Only
802.11NA
802.11AC

Channel Bandwidth
Only appears when using 802.11a, b or b/g modes. Lower channel Values (selection)
bandwidths may provide longer range and be less susceptible to noise
but at the trade off of data rates. Higher channel bandwidth may 20MHz Normal Rate
provide greater data rates but will be more susceptible to noise and
shorter distance potentials.

© Microhard 88
4.0 Configuration

High Throughput Mode

Available when mode is set to 802.11ng or na. Select HT20 for a Values (selection)
20MHz channel, or HT40 for a 40 MHz Channel. The 40MHz channel
is comprised of 2 adjacent 20MHz channels and the + and—designate HT20
to use the higher or lower of the adjacent channels. HT40-
HT40+
Force HT40-
Advanced Capabilities (Only shown if box is checked) Force HT40+

MPDU Aggregation (Enable/Disable) - Allows multiple data frames to be sent in a single transmission
block, allowing for acknowledging or retransmitting if errors occur.

Short GI (Enable/Disable) - GI (guard interval) is the time the receiver waits for any RF reflections to settle
before sampling data. Enabling a short GI (400ns) can increase throughput, but can also increase the error
rate in some installations.

HT Capabilities Info - TX-STBC RX-STBC1 DSSS_CCK-40

Maximum AMSDU (byte) - 3839
Maximum AMPDU (byte) - 65535

Channel Width
Available only when operating mode is set to 802.11ac. Select VHT20 Values (selection)
for a 20MHz channel, or VHT40 for a 40 MHz Channel, and VHT80 for
a 80 MHz channel. VHT20
VHT40
VHT80

Channel-Freq
The Channel-Freq setting allows configuration of which channel to operate on, auto can be chosen where
the unit will automatically pick a channel to operate. If a link cannot be established it will try another
channel. Available channels shown will vary on the throughput mode / channel bandwidth selected above.

802.11b, bg 802.11ng 802.11a, na, ac

Auto Ch 01 : 2.412 GHz Auto
Ch 01 : 2.412 GHz Ch 02 : 2.417 GHz Ch 36 : 5.18 GHz
Ch 02 : 2.417 GHz Ch 03 : 2.422 GHz Ch 40 : 5.20 GHz
Ch 03 : 2.422 GHz Ch 04 : 2.427 GHz Ch 44 : 5.22 GHz
Ch 04 : 2.427 GHz Ch 05 : 2.432 GHz Ch 48 : 5.24 GHz
Ch 05 : 2.432 GHz Ch 06 : 2.437 GHz Ch 149 : 5.745 GHz
Ch 06 : 2.437 GHz Ch 07 : 2.442 GHz Ch 153 : 5.765 GHz
Ch 07 : 2.442 GHz Ch 08 : 2.447 GHz Ch 157 : 5.785 GHz
Ch 08 : 2.447 GHz Ch 09 : 2.452 GHz Ch 161 : 5.805 GHz
Ch 09 : 2.452 GHz Ch 10 : 2.457 GHz Ch 165 : 5.825 GHz
Ch 10 : 2.457 GHz Ch 11 : 2.462 GHz
Ch 11 : 2.462 GHz

© Microhard 89
4.0 Configuration

TX Power
This setting establishes the transmit power level which will be Values (selection)
presented to the antenna connectors at the rear of the BulletPlusAC.
Unless required, the Tx Power should be set not for maximum, but 0 dBm 20 dBm
rather for the minimum value required to maintain an adequate system 4 dBm 21 dBm
fade margin. 5 dBm 22 dBm
Refer to FCC (or as 7 dBm 23 dBm
otherwise applicable) 8 dBm 24 dBm
regulations to ascertain, 9 dBm 25 dBm
and not operate beyond,
the maximum allowable
10 dBm 26 dBm
transmitter output power 15 dBm
and effective isotropic
radiated power (EIRP).
Wireless Distance
The Wireless Distance parameter allows a user to set the expected Values (meters)
distance the WiFi signal needs to travel. The default is 100m, so the
BulletPlusAC will assume that the signal may need to travel up to 100
100m so it sets various internal timeouts to account for this travel time.
Longer distances will require a higher setting, and shorter distances
may perform better if the setting is reduced.

RTS Thr (256 ~ 2346)

Once the RTS Threshold defined packet size is reached, the system Values (selection)
will invoke RTS/CTS flow control. A large RTS Threshold will improve
bandwidth, while a smaller RTS Threshold will help the system recover On / OFF
from interference or collisions caused by obstructions.

Fragment Thr (256 ~ 2346)

The Fragmentation Threshold allows the system to change the Values (selection)
maximum RF packet size. Increasing the RF packet size reduces the
need to break packets into smaller fragments. Increasing the On / OFF
fragmentation threshold slightly may improve performance if a high
packet error rate is experienced.

© Microhard 90
4.0 Configuration

Radio1 Virtual Interface

The bottom section of the Wireless Configuration provides for the configuration of the Operating Mode of
the Wireless Interface, the TX power, Wireless Network information, and Wireless Encryption. The
BulletPlusAC can support multiple virtual interfaces. These interfaces provide different SSID’s for different
users, and can also be assigned to separate subnets (Network Interfaces) to prevent groups from
interacting.

Image 4-5-3: Wireless > Radio Configuration

Network
Choose between LAN or WAN for the Virtual Interface. If additional Values (selection)
Network Interfaces have been defined in the Network > LAN section,
the Interface name will also appear here. LAN
WAN
Etc..
(Additional Interfaces…)

Mode
Access Point - An Access Point may provide a wireless data Values (selection)
connection to many clients, such as stations, repeaters, or other
supported wireless devices such as laptops etc. Access Point
Client
If more than 1 Virtual Interface (more than 1 SSID) has been defined,
the BulletPlusAC can ONLY operate as a Access Point, and will be
locked into this mode.

Station/Client - A Station may sustain one wireless connection, i.e. to an Access Point.

© Microhard 91
4.0 Configuration

Access to Wired client

This parameter, when set to No, will prevent wired and wireless clients Values (selection)
to interact with each other.
Yes / No

TX bitrate
This setting determines the rate at which the data is to be wirelessly transferred.

The default is ‘Auto’ and, in this configuration, the unit will transfer data at the highest possible rate in
consideration of the receive signal strength (RSSI).

Setting a specific value of transmission rate has the benefit of ‘predictability’ of that rate, but if the RSSI
drops below the required minimum level to support that rate, communications will fail.

802.11 a/b/g 802.11n, na (20/40) 802.11ac (20/40/80)

Auto Auto Auto
1 Mbps (802.11b,g) mcs-0 (21/45) Mbps mcs-0 (21/45/97) Mbps
2 Mbps (802.11b,g) mcs-1 (43/90) Mbps mcs-1 (43/90/195) Mbps
5.5 Mbps (802.11b,g) mcs-2 (65/135) Mbps mcs-2 (65/292) Mbps
11 Mbps (802.11b,g) mcs-3 (86/180) Mbps mcs-3 (86/390) Mbps
6 Mbps (802.11a,g) mcs-4 (130/270) Mbps mcs-4 (130/585) Mbps
9 Mbps (802.11a,g) mcs-5 (173/360) Mbps mcs-5 (173/780) Mbps
12 Mbps (802.11a,g) mcs-6 (195/405) Mbps mcs-6 (195/405/NA) Mbps
18 Mbps (802.11a,g) mcs-7 (216/450) Mbps mcs-7 (216/450/975) Mbps
24 Mbps (802.11a,g) mcs-8 (260/540/1170) Mbps
36 Mbps (802.11a,g) mcs-9 (288/600/1300) Mbps
48 Mbps (802.11a,g)
54 Mbps (802.11a,g)

WDS
Wireless Distribution System (WDS), when enabled will follow the Values (selection)
wireless interconnections of access points.
On / Off

ESSID Broadcast
Disabling the SSID broadcast helps secure the wireless network. Values (selection)
Enabling the broadcast of the SSID (Network Name) will permit others
to ‘see’ the wireless network and perhaps attempt to ‘join’ it. On / Off

AP Isolation
When AP Isolation is enabled wireless devices connected to this SSID Values (selection)
will not be able to communicate with each other. In other words if the
BulletPlusAC is being used as a Hot Spot for many wireless clients, On / Off
AP Isolation would provide security for those clients by not allowing
access to any other wireless device.

© Microhard 92
4.0 Configuration

WMM
WiFi Multimedia (WMM) is a feature that enhances the quality of Values (selection)
service on a network by prioritizing data packets according to data
type. (Video, Voice, Best Effort, Background). On / Off

SSID
All devices connecting to the BulletPlusAC in a given network must Values (string)
use the SSID of the BulletPlusAC. This unique network address is not
only a security feature for a particular network, but also allows other (varies)
networks - with their own unique network address - to operate in the
SSID: Service Set Identifier. same area without the possibility of undesired data exchange between
The ‘name’ of a wireless
network. In an open wireless networks.
network, the SSID is
broadcast; in a closed system
it is not. The SSID must be
known by a potential client for Encryption Type
it to be able to access the
wireless network. The encryption types defines the type of security used for the Wireless Values (selection)
Interface, to join a network a device must know the correct password/
passphrase/key. Disabled
WPA (PSK)
Security options are dependent on the version type. This section WPA2 (PSK)
describes all available options. Export versions may not have all WPA+WPA2 (PSK)
optional available to meet regulatory requirements set government WPA Enterprise (RADIUS)
policies. WPA2 Enterprise (RADIUS)
WPA+WPA2 Enterprise(RADIUS)
Change the default value for
the Network Name to
something unique for your
network. Do this for an
added measure of security
WPA PSK
and to differentiate your
network from others which This is the password, or preshared key that is required by any device Values (string)
may be operating nearby. to connect to the wireless interface of the BulletPlusAC. It is strongly
recommended to always have a password defined, and changed from (varies)
the factory default.

Show Password
Check this box to show the currently configured password for WPA/ Values (selection)
WPA2 encryption passphrase.
unchecked

© Microhard 93
4.0 Configuration

RADIUS IP Address
If using Enterprise (RADIUS) encryption, enter the IP Address of the Values (IP Address)
RADIUS authentication server here.
(no default)

RADIUS Port
If using Enterprise (RADIUS) encryption, enter the port number of the Values (port)
RADIUS authentication server here.
(no default)

RADIUS Server Key

This is the password, or preshared key that is required by any device Values (selection)
to connect to the wireless interface of the BulletPlusAC. It is strongly
recommended to always have a password defined, and changed from 0123456789
the factory default.

MAC Filter
The MAC Filter can be used to control connections to the BulletPlusAC Values (selection)
WiFi by the MAC address of the connecting devices. When enabled
the BulletPlusAC will either block all connections unless they are Disabled
added (Allow), or it will accept all connection unless they are blocked Allow
(Block). Block

Use the MAC List Add box to create a list of MAC addressed that are
either allowed or blocked below.

© Microhard 94
4.0 Configuration

4.5.3 Wireless > HotSpot

The Wireless Hotspot configuration is used when providing public hotspot services and it is required to use
a server or web based authentication service to verify users, provide terms of use or other information

Image 4-5-4: Wireless > Hotspot Network Configuration

Hotspot Mode
Use this option to enable or disable the hotspot authentication service. Values (selection)
There are three different options for the Hotspot Mode:
Disable
Simple Internal - Display a simple text based terms of use or Simple Internal
statement to connected users.
Simple External - Display an external webpage Simple External
RADIUS/UAM - Use a 3rd Party Authentication service to RADIUS/UAM
authenticate and/or prompt users to agree to terms of
service.

UAM Login URL

If the Hotspot Mode, RADIUS/UAM is chosen, specify the hotspot URL Values
as given by your service provider. The address of the UAM Server, the
authentication portal. https://
customer.hotspotsystem.com/
customer/hotspotlogin.php

UAM Secret
If the Hotspot Mode, RADIUS/UAM is chosen, this is a secret Values
password between the Redirect URL and the Hotspot given by the
hotspot provider. hotsys123

© Microhard 95
4.0 Configuration

Hotspot Network Configuration

Hotspot Network
This field is used to specify which configured network is bonded to the Values
hotspot. Sub networks can be created in the Network > LAN menu,
which are dedicated to the hotspot devices. Varies
*The DHCP service for the network used should be turned off as all IP
address assignments will be made by the hotspot service provider.*

Network IP Address
Specify the IP Address of the Hotspot application. All hotspot clients Values
will get an IP address in the same network as the Hotspot.
192.168.182.0

Network Netmask
Specify the Netmask of the Hotspot application. All hotspot clients will Values
get an IP address in the same network as the Hotspot.
255.255.255.0

DNS Domain
Provide your service providers 1st DNS Server domain. Values
Key.chillispot.info

Primary DNS
Specify the Primary DNS server to be used by devices connected to Values
the Hotspot network.
208.67.222.222

Secondary DNS
Specify the Secondary DNS server to be used by devices connected Values
to the Hotspot network.
208.67.222.220

DHCP Start
When devices connect to the BulletPlusAC Wifi and Hotspot is Values
enabled, the Hotspot will assign the IP addresses to the connected
devices, select the starting range here. 3

DHCP End
When devices connect to the BulletPlusAC Wifi and Hotspot is Values
enabled, the Hotspot will assign the IP addresses to the connected
devices, select the ending range here. 250

© Microhard 96
4.0 Configuration

Hotspot Radius Configuration

Image 4-5-5: Wireless > Hotspot Radius Configuration

Radius NAS ID
This is the RADIUS name of your Hotspot as given by your Hotspot Values
Service Provider.
Microhard_1

Radius Server 1
As assigned by the Hotspot Service Provider, the name or IP address Values
of the primary RADIUS Server.
radius.hotspotsystem.com

Radius Server 2
As assigned by the Hotspot Service Provider, the name or IP address Values
of the alternate RADIUS Server.
radius2.hotspotsystem.com

Radius Auth Port

The Radius Authentication Port Number. The default is 1812. This is Values
provided by your Hotspot service provider.
1812

Radius Acct Port

The Radius Account Port Number. The default is 1813. This is Values
provided by your Hotspot service provider.
1813

Radius Secret
Also called a shared key, this is the RADIUS password assigned by Values
you Hotspot provider.
hotsys123

© Microhard 97
4.0 Configuration

Radius CoA UDP Port

Specify the Radius CoA UDP Port here. This information is supplied by Values (port)
the hotspot service provider.
3799

Radius Session Timeout

Specify the Radius Session Timeout. In seconds, 0 = disabled. Values (seconds)
3600

Radius Idle Timeout

Specify the Radius Idle Timeout. In seconds, 0 = disabled. Values (seconds)
900

© Microhard 98
4.0 Configuration

4.6 Firewall

4.6.1 Firewall > Summary

The Firewall Summary allows a user to see detailed information about how the firewall is operating. The
All, Filter, Nat, Raw, and Mangle options can be used to view different aspects of the firewall.

Image 4-6-1: Firewall > Status

© Microhard 99
4.0 Configuration

4.6.2 Firewall > General

The General Firewall settings allow users to enable or disable the firewall, and to decide which areas of the
modem to protect. The Firewall can also be reset to factory defaults from this area of the WebUI.

In a cellular device such as this, it is highly recommended to configure the firewall to protect any devices
connected to the modem, and to control data usage. This is especially important with units set up with a
public IP address as the modem is effectively on the public internet and is susceptible to a wide range of
threats which may severely impact the data usage. This can be avoided by blocking all Cellular traffic and
setting up specific rules to either open only used ports, or even restrict access to specific IP/networks.

For best practices and to Image 4-6-2: Firewall > General

control data usage it is
critical that the firewall be
configured properly.
WAN Connection
It is recommended to block
all incoming Cellular traffic
and create rules to open
The WAN connection column lists all valid WAN connections for which to Values (read only)
specific ports and/or use apply firewall settings. The warning icon will show when that connection is
ACL lists to limit incoming not available, has a private IP or in the case of WiFi not configured to act WWAN
connections. as a WAN connection. WAN1
WAN2
WIFI

Remote Management
When checked allows remote management of the BulletPlusAC for each Values
valid WAN using the WebUI on HTTP (default is port 80), and HTTPS
When Remote Access is set (default is port 443). If disabled, the configuration cannot be accessed from WWAN (checked)
to ‘Allow’ the modem is any device connected to that interface. WAN1 (checked)
open to anyone, this is not
recommended as it may WAN2 (checked)
impact data usage from The default settings for HTTP and HTTP can be changed under the WiFi (checked)
unwanted sources. System > Services menu.

Remote Access
When unchecked (blocked) the BulletPlusAC will block all requests from Values (check box)
devices on the specified WAN unless specified otherwise in the Rules,
MAC List or IP List configurations. Access to ports 80 (HTTP) and 443 WWAN (unchecked)
(HTTPS-if enabled), is still available unless disabled in the Remote WAN1 (unchecked)
Management option. WAN2 (unchecked)
WIFI (unchecked)

© Microhard 100
4.0 Configuration

LAN Outgoing
Allows or Blocks traffic from the LAN accessing the specified WAN unless Values (check box)
set up otherwise using the Access Rules, MAC, and IP List configuration.
WWAN (checked)
WAN1 (checked)
WAN2 (checked)
WIFI (checked)

Anti-Spoof
The Anti-Spoof protection is to create some firewall rules assigned to the Values
external interface (WAN & Cellular) of the firewall that examines the source
address of all packets crossing that interface coming from outside. If the Enable / Disable
address belongs to the internal network or the firewall itself, the packet is
dropped.

Packet Normalization
Packet Normalization is the normalization of packets so there are no Values
ambiguities in interpretation by the ultimate destination of the packet. The
scrub directive also reassembled fragmented packets, protecting some Enable / Disable
operating systems from some forms of attack, and drops TCP packets that
have invalid flag combinations.

© Microhard 101
4.0 Configuration

4.6.3 Firewall > Port Forwarding

The BulletPlusAC can be used to provide remote access to connected devices. To access these devices a
user must define how incoming traffic is handled by the BulletPlusAC. If all incoming traffic is intended for a
specific connected device, DMZ could be used to simplify the process, as all incoming traffic can be
directed towards a specific IP address.

In the case where there is multiple devices, or only specific ports need to be passed, Port forwarding is
used to forward traffic coming in from the WAN (Cellular) to specific IP Addresses and Ports on the LAN.
Port forwarding can be used in combination with other firewall features, but the Firewall must be enabled
for Port forwarding to be in effect. If Remote Access is blocked on the General Tab, additional rules and/or
IP Lists must be set up to allow the port forwarding traffic to pass through the firewall.

If DMZ is enabled and an

exception port for the WebUI
is not specified, remote
management will not be
possible. The default port for
remote management is TCP Image 4-6-3: Firewall > Port Forwarding
80.

© Microhard 102
4.0 Configuration

DMZ Mode
Enable or disable DMZ Mode for each available WAN (Cellular or Wired). Values (selection)
DMZ can be used to forward all traffic to the DMZ Server IP listed below.
Disable / Enable

DMZ Server IP
Enter the IP address of the device on the LAN side of the BulletPlusAC Values (IP Address)
where all the traffic will be forwarded to.
192.168.100.100

Exception Ports
If the firewall is set to block
incoming traffic on the WAN Enter a exception port number(s) (range is XX:XX) that will NOT be Values (Port #)
and/or Carrier interfaces, forwarded to the DMZ server IP. Usually a configuration or remote
additional rules or IP/MAC
lists must be configured to
management port that is excluded to retain external control of the 0
allow desired traffic access.

Combined with Source NAT

Add an additional SNAT rule for port forwarding. It will modify the source IP Values (selection)
address of the incoming request to make the internal server respond to this
connection as a local request. No / Yes

Firewall Port Forwarding Configuration

Name
This is simply a field where a convenient reference or description is added Values (10 chars)
to the rule. Each Forward must have a unique rule name and can use up to
10 characters. Forward

Source
Select the source for the traffic, from either the Cellular WAN or from a Values (selection)
wired WAN.
WWAN/WAN1/WAN2/WIFI

Protocol
Select the type of transport protocol used. For example Telnet uses TCP, Values (selection)
SNMP uses UDP, etc.
TCP / UDP / Both

External Ports
Port number(s) (for range format is start:stop) of the incoming request Values (Port #)
(from Cellular/WAN-side).
2000

© Microhard 103
4.0 Configuration

Internal Server IP
Enter the IP address of the intended internal (i.e. on LAN side of Values (IP Address)
BulletPlusAC) server. This is the IP address of the device you are
forwarding traffic to. 192.168.168.2

Internal Ports
Target port number(s) (for range format is start:stop) of the internal server Values (Port #)
on the LAN IP entered above.
3000

Combined with Source NAT

Add an additional SNAT rule for port forwarding. It will modify the source IP Values (selection)
address of the incoming request to make the internal server respond to this
connection as a local request. No / Yes

© Microhard 104
4.0 Configuration

4.6.4 Firewall > MAC-IP List

MAC List configuration can be used to control which physical LAN devices can access the ports on the
BulletPlusAC, by restricting or allowing connections based on the MAC address. IP List configuration can
be used to define who or what can access the BulletPlusAC, by restricting or allowing connections based
on the IP Address/Subnet.

MAC-IP List can be used alone or in combination with LAN to WAN/4G Access Control to provide secure
access to the physical ports of the BulletPlusAC.

Image 4-6-4: Firewall > MAC-IP List

Firewall MAC List Configuration

Rule Name
The Rule Name field is required to give the rule a convenient name for Values (10 chars)
reference. Each rule must have a unique name, up to 10 characters in
length. mac1

Action
The Action is used to define how the rule handles the connection request. Values (selection)
ACCEPT will allow a connection, while REJECT (error) and DROP (quietly ACCEPT
dropped), will refuse connections. DROP
REJECT

MAC Address
Specify the MAC Address to be added to the list. Must be entered in the Values (MAC Address)
correct format as seen above. Not case sensitive.
00:00:00:00:00:00

© Microhard 105
4.0 Configuration

Firewall IP List Configuration

Rule Name
The Rule Name field is required to give the rule a convenient name for Values (10 chars)
reference. Each rule must have a unique name, up to 10 characters in
length. ip1

Action
The Action is used to define how the rule handles the connection request. Values (selection)
ACCEPT will allow a connection, while REJECT (error) and DROP (quietly
dropped), will refuse connections. ACCEPT / DROP / REJECT

Source
Enter the specific zone that the IP List will apply to, Cellular, LAN, WAN or Values (Selection)
None (both).
LAN / WAN1 / WAN2 /
WWAN / WIFI

Source IP Address / Prefix

Match incoming traffic from the specified source subnet/prefix. An empty Values (IP Address)
prefix box indicates a single(/32) address.
0.0.0.0

© Microhard 106
4.0 Configuration

4.6.5 Firewall > Rules

Once the firewall is turned on, rules configuration can be used to define specific rules on how local and
remote devices access different ports and services. MAC List and IP List are used for general access, and
are applied before rules are processed.

It is highly recommended to block as much traffic as possible from the modem, especially when using a
public IP address. The best security would to be to allow traffic only from trusted IP addresses, and only
the specific ports being used, and block everything else. Not configuring the firewall and the firewall rules
correctly could result in unpredictable data charges from the cellular carrier.

Refer to Appendix D for an

example of how to set up a
firewall to block all
connections and then add
access to only specific IP’s
and Ports.

Appendix D: Firewall
Example

Image 4-6-5: Firewall > Rules

Rule Name
The rule name is used to identify the created rule. Each rule must have a Values (10 Chars)
unique name and up to 10 characters can be used.
rule1

Type
The type refers to the direction in terms of source and destination of the Values (selection)
traffic. The fields below will adjust accordingly.
Input
Output
Forward

Action
The Action is used to define how the rule handles the connection request. Values (selection)
ACCEPT will allow a connection, while REJECT (error) and DROP ACCEPT
(quietly dropped), will refuse connections. DROP
REJECT
This is configured based on how the WAN/Carrier Request and LAN to
WAN/Carrier Access Control are configured in the previous menus.

© Microhard 107
4.0 Configuration

Source
Select the zone which is to be the source of the data traffic. The LAN Values
refers to local connections on the BulletPlusAC..
LAN / WAN1 / WAN2 /
WWAN / WIFI / Any

Source IPs
Match incoming traffic from the specified source IP range. Boxes accept Values (IP Address)
single IP Addresses without network masks, example: 192.168.1.0 to
192.168.1.255 represents all IP Addresses in the 192.168.1.0/24 network. 192.168.0.0 to
(Put same IP in both boxes for a single IP match.) 192.168.0.0

Destination
Select the zone which is the intended destination of the data traffic. 3G/4G Values (selection)
applies to the wireless connection to the cellular carrier and the LAN,
LAN1, USB refers to local connections on the BulletPlusAC. LAN/LAN1/Cell/WAN/USB
None

Destination IPs
Match incoming traffic from the specified destination IP range. Boxes Values (IP Address)
accept single IP Addresses without network masks, example: 192.168.1.0
to 192.168.1.255 represents all IP Addresses in the 192.168.1.0/24 192.168.0.0 to
network. (Put same IP in both boxes for a single IP match.) 192.168.0.0

Destination Port
Match incoming traffic directed at the given destination port or port range. Values (port)
(To specify a port range use a From:To (100:200) format) 0

Protocol
The protocol field defines the transport protocol type controlled by the rule. Values
TCP
UDP
Both
ICMP

© Microhard 108
4.0 Configuration

4.6.6 Firewall > Firewall Default

The Firewall Default option allows a user to return the modems firewall setting back to the default values
without having to reset the entire modem.

Image 4-6-6: Firewall > Firewall Default

© Microhard 109
4.0 Configuration

4.7 VPN

4.7.1 VPN > Summary

A Virtual Private Network (VPN) may be configured to enable a tunnel between the BulletPlusAC and a
remote network. The BulletPlusAC supports VPN IPsec Gateway to Gateway (site-to-site) tunneling,
meaning you are using the BulletPlusAC to create a tunnel to a network with VPN capabilities (Another
BulletPlusAC or VPN capable device).

Image 4-6-7: VPN > Summary

© Microhard 110
4.0 Configuration

4.7.2 VPN > Gateway To Gateway (Site-to-Site)

A Gateway to Gateway connection is used to create a tunnel between two VPN devices such as an
BulletPlusAC and another device (another BulletPlusAC or Cisco VPN Router or another vendor…). The
local and remote group settings will need to be configured below to mirror those set on the other VPN

Image 4-7-8: VPN > Gateway to Gateway

Tunnel Name
Enter a name for the VPN Tunnel. Up to 16 different tunnels can be Values (chars)
created, each requiring a unique name.
(no default)

© Microhard 111
4.0 Configuration

Enable
Used to enable (checked) is disable (unchecked) the VPN tunnel. Values (checkbox)
Enable (Checked)

Interface
Select the WAN interface used for the Gateway to Gateway VPN. U Values (selection)
WWAN
WAN1
WAN2

Local Group Setup

Local Security Gateway Type

Specify the method for identifying the router to establish the VPN tunnel. Values (selection)
The Local Security Gateway is on this router; the Remote Security
Gateway is on the other router. At least one of the routers must have either IP Only
a static IP address or a dynamic IP with server id to make a connection. IP + Server ID
Dynamic IP + Server ID

IP Only: Choose this option if this router has a static WAN IP address. The WAN IP address appears
automatically. For the Remote Security Gateway Type, an extra field appears. If you know the IP address
of the remote VPN router, choose IP Address, and then enter the address.

IP + Server ID: Choose this option if this router has a static WAN IP address and a server id. The WAN IP
address appears automatically. For the Remote Security Gateway Type, an extra field appears. If you
know the IP address of the remote VPN router, choose IP Address, and then enter the address.

Dynamic IP + Server ID: Choose this option if this router has a dynamic IP address and a server id
(available such as @microhard.vpn). Enter the server id to use for authentication. The server id can be
used only for one tunnel connection.

Interface IP Address
Displays the IP address of the BulletPlusAC, which is the local VPN Values (IP Address)
Gateway.
Current IP Address

Server ID
This option appears when the Local Security Gateway Type specifies that Values (characters)
the Server ID is required for the connection. The Server ID must be in the
format @name, where name can be anything. Both routers must know (no default)
each others names to establish a connection.

© Microhard 112
4.0 Configuration

Group Subnet IP / Mask -1

Specify the local subnet(s) by entering IP and mask of the local network. Values (IP Address)
(No default subnet IP)
255.255.255.0

Remote Group Setup

Remote Security Gateway Type

Specify the method for identifying the router to establish the VPN tunnel. Values (selection)
The Local Security Gateway is on this router; the Remote Security
Gateway is on the other router. At least one of the routers must have either IP Only
a static IP address or a dynamic IP with server id to make a connection. IP + Server ID
(See Local Group Setup for details) Dynamic IP + Server ID

Gateway IP Address
If the remote VPN router has a static IP address, enter the IP address of Values (IP Address)
the remote VPN Gateway here.
(no default)

Server ID
This option appears when the Remote Security Gateway Type specifies Values (IP Address)
that the Server ID is required for the connection. The Server ID must be in
the format @name, where name can be anything. Both routers must know (no default)
each others names to establish a connection.

Group Subnet IP / Mask -1

Define the remote network(s) by specifying the local subnet. Values (IP Address)
(No default subnet IP)
255.255.255.0

© Microhard 113
4.0 Configuration

IPsec Setup

Aggressive Mode
Check the box to enable aggressive mode for IPSec. In aggressive mode Values (checkbox)
the IKE SA negotiation is squeezed into 3 packets, resulting in faster
negotiation, but is less secure. (unchecked)

IKE Strict Mode

Check the box to enable IKE Strict Mode. Values (checkbox)
(unchecked)

IKE DH Group
Select the Diffie-Hellman public key type. Select between 1024, 1536 and Values (selection)
2048 bit. The values on each end of the tunnel must match.
modp1024
modp1536
modp2048

IKE Encryption
Select the IKE Encryption type used. Select the value to match the Phase 1 Values (selection)
Encryption type used by the remote VPN router.
3des
aes
aes128
aes256

IKE Authentication
Sets the IKE Authentication type. Select the value to match the Phase 1 Values (selection)
Authentication used by the remote VPN router accordingly.
md5
sha1

IKE SA Lifetime(s)
Sets the lifetime of the keys used to encrypt data, when the timers run out Values
the tunnel negotiates a new key. The default value is 28800 seconds (8
hours). 28800

Phase 2 Type
Select the type of security protocol to use for phase 2 of the IKE Values (selection)
negotiation. The options are ESP (Encapsulating Security Payload) and AH
(Authentication Header). Must match remote end of tunnel. ESP / AH

© Microhard 114
4.0 Configuration

Phase 2 Strict Mode

Check the box to enable IKE Strict Mode for phase 2. Values (checkbox)
(unchecked)

Phase 2 DH Group
Select value to match the values required by the remote VPN router. Values (selection)
modp1024
modp1536
modp2048

Phase 2 Encryption
Select value to match the Phase 1 Encryption type used by the remote Values (selection)
VPN router.
3des
aes
aes128
aes256

Phase 2 Authentication
Sets the IKE Authentication type. Select the value to match the Phase 2 Values (selection)
Authentication used by the remote VPN router accordingly.
md5
sha1

Phase 2 SA Lifetime(s)
Sets the lifetime of the keys used to encrypt data for phase 2, when the Values
timers run out the tunnel negotiates a new key. The default value is 3600
seconds (1 hour). 3600

Preshared Key
Set the Preshared Key required to authenticate with the remote VPN Values (characters)
router.
password

DPD Delay(s)
Dead Peer Detection is used to detect if there is a dead peer. Set the DPD Values (seconds)
Delay (seconds), as required.
32

DPD Timeout(s)
Set the DPD (Dead Peer Detection) Timeout (seconds), as required. Values (seconds)
122

© Microhard 115
4.0 Configuration

DPD Action
Controls the use of Dead Peer Detection (DPD) protocol, which is the Values (seconds)
method to detect the aliveness of a IPsec connection. When DPD is in use,
VPN device will send IPsec DPD packet to the peer and wait for the peer's Hold
acknowledgement. If there is no feedback from the peer, the tunnel is Clear
stopped and unrouted (clear), put in the (hold) state or (restarted). Restart
Backup

© Microhard 116
4.0 Configuration

4.7.3.1 VPN > L2TP Client

The BulletPlusAC can be configured as a L2TP Server or Client. This section outlines the configuration of a
OpenVPN Client.

Image 4-7-93: VPN > L2TP Client

Tunnel Name
Enter a name for the VPN Tunnel. Up to 16 different tunnels can be Values (chars)
created, each requiring a unique name.
tunnel1

Enable
Used to enable (checked) is disable (unchecked) the VPN tunnel. Values (checkbox)
Enable (Checked)

© Microhard 117
4.0 Configuration

Local Interface IP Address

This will display the current BulletPlusAC WAN (Cellular) IP Address. Values (IP Address)
Current IP

Remote Gateway IP Address

Enter the IP Address of the Remote Gateway that you wish to establish a Values (IP Address)
connection with.
none

Remote Server ID
Some servers require that you know the Server ID as well as the IP Values
address. Enter the Server ID of the remote router here.
none

Remote Subnet IP
In order to communicate with the devices on the other side of the tunnel, Values (IP Address)
the BulletPlusAC must know which data to pass through the tunnel, to do
this enter the Remote Subnet network IP address here. none

Remote Subnet Mask

Enter the Remote Subnet Mask Values (IP Address)
none

Idle time before hanging up

Enter the Idle time (in seconds) to wait before giving up the PPP Values (seconds)
connection. The default is 0, which means the time is infinite. (0—65535)
0

Username
Enter the Username Values (chars)
0

Preshared Key
The preshared key is required to connect to the L2TP Server. Values (chars)
0

IPSec Setup - See previous sections for additional info.

© Microhard 118
4.0 Configuration

4.7.3.2 VPN > L2TP Server

The BulletPlusAC can operate as a L2TP Server, allowing VPN connections to be made with L2TP Clients.
The configuration for L2TP Server can be found on the VPN Summary Page. You can then select “Edit”.

Image 4-7-10: VPN > L2TP Server Configuration

Enable
Select the Enable check box to enable the L2TP Server and to view the Values (checkbox)
L2TP Server configuration parameters.
Disabled (unchecked)

IPsec
Use the IPsec checkbox to enable Ipsec on the L2TP Server. The different Values (checkbox)
IPsec parameters are covered in the IPsec section of Gateway-to-Gateway
VPN. Disabled (unchecked)

© Microhard 119
4.0 Configuration

Local Security Gateway Type

Select the Local Security Gateway type. When set to IP only, clients only Values (selection)
need to know the IP address of the L2TP Server in order to create a
session. In a IP + Server ID selection, the client would need to know the IP IP Only
and a specified ID. IP + Server ID

Server ID
As a extra measure of security a server ID can be specified and remote Values (characters)
client would need to know this ID before they can create a session and
begin authentication. none

Interface
The Interface parameter is a non changeable parameter that is shown to Values
indicate which interface the L2TP Server is listening for incoming
connections from clients. To use an alternate interface, you need to create/ WWAN or WAN1/2
edit a new connection from the VPN > Summary page.

Interface IP Address
The Interface IP Address is a non-changeable field that shows the current Values
WAN or 4G IP address (as defined in the Interface parameter above).
Clients would need this IP address to create a remote connection. xxx.xxx.xxx.xxx

Server IP Address
The Server IP Address is the local LAN IP of the Dragon-LTE. (The default Values (IP Address)
Local IP of the BulletPlusAC is 192.168.168.1)
none

IP Address Range Start

Enter the starting range of IP Addresses to be assigned to clients once Values (IP Address)
they successfully create a tunnel with the L2TP Server.
none

IP Address Range End

Enter the ending range of IP Addresses to be assigned to clients once they Values (IP Address)
successfully create a tunnel with the L2TP Server.
none

IPSec Setup - See previous sections for additional info.

© Microhard 120
4.0 Configuration

4.7.4 VPN > OpenVPN

OpenVPN Server
The BulletPlusAC supports OpenVPN and can be configured as a Server or a Client. This section outlines
the configuration of a OpenVPN Server.

Image 4-7-11: VPN > OpenVPN Server

OpenVPN Mode
Enable/Disable the OpenVPN Mode by selecting the mode to operate in, Values (selection)
Client or Server. When the Server is enabled it will be listening for incoming
connection requests from OpenVPN Clients. Client / Server / Disable

Server Bridge Mode

In Server Bridge Mode the BulletPlusAC logically merges both Ethernet Values (checkbox)
networks, at both ends of the tunnel, as if they were a single Ethernet
subnet. unchecked

© Microhard 121
4.0 Configuration

Tunnel Protocol
Select the Tunnel Protocol to be used. The options are TCP and UDP, the Values (selection)
default is UDP.
TCP / UDP

Port
The TCP/UDP port which the server is listening on. Default is 1194 Values (port)
1194

MSSFIX/Fragment size
The maximum resulting UDP send packet size after the OpenVPN has Values (size)
fully encapsulated data. Packets exceeding this max value will be
fragmented. 1370

Root Certificate
The root certificate file (CA file) that all the server and clients must have in Values (chars)
common.
ca.crt

Public Server Certificate

The Public Server Certificate which is the certificate file that resides on only Values (chars)
the server.
server.crt

Private Server Key

The private Server Key, which should not be disclosed. Values (chars)
server.key

Certificate Revocation List

In PEM format, the Certificate Revocation List is a list of certificates that Values (chars)
have been revoked and should not be trusted.
crl.pem

TLS Auth Key

The server and each client must have a copy of this key to do TLS Values (chars)
authentication.
(no default)

© Microhard 122
4.0 Configuration

User/Password Authentication
Select the OpenVPN username as setup/defined in the VPN Users menu. Values (selection)
(no default)

Diffie hellman parameter

Select between 1024 bit and 2048 bit Diffie Hellman keys for security. Values (selection)
DH2048 / DH1024

Bridge Gateway IP Address

When set to Server Bridge Mode, the Bridge Gateway IP Address must be Values (IP Address)
specified.
(No default)

Bridge IP Address Range / Netmask

Specify the IP Address Range and Netmask that is used when the Values (IP Address)
OpenVPN Server is set to Server Bridge Mode.
(No default)

Server Virtual Subnet / Subnet Mask

The subnet and subnet mask that the server will create to assign address Values (IP Address)
to itself and the clients.
10.8.0.0

Push DNS to Client

If enabled (Auto) the server will push its DNS server information to the Values (selection)
client. Manual allows the DNS information to be manually entered.
NO / Auto / Manual

Client Isolation
When select yes, the clients will not see each other. Select no, it will allow Values (selection)
different clients to be able to "see" each other. By default, clients will only
see the server. No / Yes

Keep Alive Ping Interval

The keep alive directive causes ping-like messages to be sent back and Values (seconds)
forth over the link so that each side knows when the other side has gone
down. Default 10 seconds. 10

Keep Alive Ping Period

Default 120 seconds. Ping every 10 seconds, assume that remote peer is Values (seconds)
down if no ping received during a 120 second time period. (must be at least
twice the interval specified above) 120

© Microhard 123
4.0 Configuration

Cipher
Select a cryptographic cipher. Must be the same on Server and Client. Values (selection)
DES-CBC CAST5-CBC
RC2-CBC RC2-64-CBC
DES-EDE-CBC AES-128-CBC
DES-EDE3-CBC AES-192-CBC
DESX-CBC AES-256-CBC
BF-CBC SEED-CBC
RC2-40-CBC

Use LZO Compression

Enable/Disable LZO compression on the VPN link. Lempel–Ziv– Values (selection)
Oberhumer (LZO) is a lossless data compression algorithm.
Enable / Disable

OpenVPN Server Network Settings

OpenVPN supports multiple subnet behind the server/client. In order for the Values (selection)
vpn connection to reach the subnet behind, each subnet must be specified
for the data to be routed correctly. (no default)

© Microhard 124
4.0 Configuration

OpenVPN Client
The BulletPlusAC supports OpenVPN and can be configured as a Server or a Client. This section outlines
the configuration of a OpenVPN Client.

Image 4-7-12: VPN > OpenVPN Celint

OpenVPN Mode
Enable/Disable the OpenVPN Mode by selecting the mode to operate in, Values (selection)
Client or Server. When the Server is enabled it will be listening for incoming
connection requests from OpenVPN Clients. Client / Server / Disable

Client Bridge Mode

Select the box to enable Client Bridge Mode. Values (selection)
(unchecked)

Pseudowire Mode
When Client Bridge Mode is selected the option to enable Pseudowire Values (selection)
Mode is made available.
(unchecked)

Tunnel Protocol
Select the Tunnel Protocol to be used. The options are TCP and UDP, the Values (selection)
default is UDP.
TCP / UDP

© Microhard 125
4.0 Configuration

MSSFIX/Fragment size
The maximum resulting UDP send packet size after the OpenVPN has Values (size)
fully encapsulated data. Packets exceeding this max value will be
fragmented. 1370

Server IP/Port
The IP Address and TCP/UDP port which the server is located. This is Values (IP/Port)
generally the Public IP Address of the router/modem where the Server is
running. (no default)

Root Certificate
The root certificate file (CA file) that all the server and clients must have in Values (chars)
common.
ca.crt

Cleint Certificate
The Client Certificate which is the certificate file that resides on only the Values (chars)
client.
client.crt

Client Key
The private Client Key, which should not be disclosed. Values (chars)
client.key

TLS Auth Key

The server and each client must have a copy of this key to do TLS Values (chars)
authentication.
(no default)

Cipher
Select a cryptographic cipher. Must be the same on Server and Values (selection)
Client.
DES-CBC RC2-40-CBC
RC2-CBC CAST5-CBC
DES-EDE-CBC RC2-64-CBC
DES-EDE3-CBC AES-128-CBC
DESX-CBC AES-192-CBC
BF-CBC AES-256-CBC
SEED-CBC

Use LZO Compression

Enable/Disable LZO compression on the VPN link. Lempel–Ziv– Values (selection)
Oberhumer (LZO) is a lossless data compression algorithm.
Enable / Disable

© Microhard 126
4.0 Configuration

4.7.5 VPN > VPN Users

For VPN L2TP & OpenVPN operation, users will be required to provide a username and password. Use
the VPN Users menu to set up the required users.

Image 4-7-13: VPN > VPN Client Access

Username
Enter a username for the user being set up. Values (characters)
(no default)

New Password
Enter a password for the use. Values (characters)
(no default)

Confirm New Password

Enter the password again, the BulletPlusAC will ensure that the password Values (IP Address)
match.
(no default)

© Microhard 127
4.0 Configuration

4.7.6 VPN > Certificate Management

When using the VPN features of the BulletPlusAC, it is possible to select X.509 for the Authentication
Type. If that is the case, the BulletPlusAC must use the required x.509 certificates in order to establish a
secure tunnel between other devices. Certificate Management allows the user a place to manage these

Image 4-7-14: VPN > Certificate Management

© Microhard 128
4.0 Configuration

4.8 Router

4.8.1 Router > RIPV2

The BulletPlusAC is capable of providing and participating in RIPv2 (Routing Information Protocol v2), to
exchange routing information from attached devices. Static routes can also be added in the Network >
Routes menu.

Image 4-8-1: Router > RIPv2

RIPV2 Status
Enable or disable RIPV2 routing on the BulletPlusAC. If enabled the Values (selection)
BulletPlusAC will exchange routing information on the specified (interfaces)
attached networks. Enable / Disable

Authentication Type / Port / Key ID / Password

Enable MD5 authentication for the RIPV2 protocol. Also select the port Values (selection)
used for RIPV2, the Key ID and the required password.
None
MD5

RIPV2 Network Announcement Configuration

Each attached network that is to participate with the RIPV2 exchange must Values (Subnet/Length))
be specified here. Once added they participating networks are shown in the
list. (no default)

© Microhard 129
4.0 Configuration

4.8.2 Router > OSPF

The BulletPlusAC is also capable of providing and participating in OSPF (Open Shortest Path First), to
exchange routing information from attached devices. Static routes can also be added in the Network >
Routes menu.

Image 4-8-2: Router > OSPF

OSPF Status
Enable or disable OSPF routing on the BulletPlusAC. If enabled the Values (selection)
BulletPlusAC will exchange routing information on the specified (interfaces)
attached networks. Enable / Disable

Router ID
Set the router ID in the format used for OSPF. Values (selection)
Enable / Disable

Authentication Type / Port / Key ID / Password

Enable MD5 authentication for the OSPF protocol. Also select the port Values (selection)
used, the Key ID and the required password.
None
MD5

OSPF Network Announcement Configuration

Each attached network that is to participate with the OSPF exchange must Values (Subnet/Length))
be specified here. Once added they participating networks are shown in the
list. (no default)

© Microhard 130
4.0 Configuration

4.9 Serial

4.9.1 Serial > Status

The Serial > Status menu presents a summary of the RS232 Serial Data and Console Ports located on the
sides of the BulletPlusAC, the ports use standard DB-9 connectors. The Summary window shows a
number of status items that aid in viewing the operation, statistics, and troubleshooting of the ports.

General Status
• Port - Lists available RS232 (Serial) ports available.
• Mode - Shows the mode being used by the Data port (RS232, RS485).
• Status - Shows if the port has been enabled in the configuration.
• Baud Rate - The current baud rate used to interface with the connected device.
• Connect As - The type of IP Protocol Config is displayed here (TCP, UDP, SMTP, PPP, etc)
• Connect Status - Shows if there are any current connections / if the port is active.
• Receive Bytes - Displays the total bytes received by the modem in the current session.
• Receive Packets - Displays the total packets received in the current session.
• Transmit Bytes - Displays the total bytes transmitted by the modem in the current session.
• Transmit Packets - Displays the total packets transmitted in the current session.

Image 4-9-1: Serial > Status

© Microhard 131
4.0 Configuration

4.9.2 Serial > Settings

This menu option is used to configure the serial device server for the serial communications ports. Serial
device data may be brought into the IP network through TCP, UDP, or multicast; it may also exit the
BulletPlusAC network on another BulletPlusAC serial port.

The BulletPlusAC is equipped with 2 Serial Communication Ports as described below:

Data - The primary RS232/RS485 port for end devices. This port supports full handshaking.

Console - The default mode for this port is to be configured as a console port and is used for
diagnostics and configuration using a AT Command set. (115200/8/N/1). Can also be
configured as a DATA port but it does not support handshaking and it is RS232 only.

Image 4-9-2: Serial > Settings Configuration

© Microhard 132
4.0 Configuration

Port Status
Select operational status of the Serial Ports. The Console port is Values (selection)
configured as a Console port (115.2/8/N/1) by default. The Data port is
set to Idle (Disabled) mode by default. Console : Console / Data
Data : Data / Idle

Data Baud Rate

The serial baud rate is the rate at which the modem is to communicate Values (bps)
with the attached local asynchronous device.
921600 9600
460800 7200
230400 4800
115200 3600
57600 2400
38400 1200
28800 600
19200 300
14400
Note: Most PCs do not
readily support serial
communications greater Data Format
than 115200bps.
This setting determines the format of the data on the serial port. Values (selection)
The default is 8 data bits, No parity, and 1 Stop bit.
8N1 / 8E1 / 8O1

Data Mode
Recommended setting: “Seamless”. This option indirectly controls the Values (selection)
amount of serial data sent in a single network packet. “Transparent”
mode sends the data as soon as it arrives, usually 1 byte, rarely 2 or Seamless / Transparent
more bytes per network packet. “Seamless” mode collects consecutive
serial data and sends it in a single network packet. Data is sent out
when the serial RX is idle for at least “Character Timeout” or when the
packet is full.

“Transparent” mode can be used under the following conditions:

• Application requires byte=oriented (vs packet-oriented) data stream
• Number of consecutive bytes to transmit does not exceed 16
• Network packet roundtrip time does not exceed the time required to transmit 16 bytes over
serial

“Transparent” mode delivers the data faster, but puts more load to the network and has much higher error
rate.

© Microhard 133
4.0 Configuration

Character Timeout
In Seamless mode (see Data Mode described on the preceding page), Values (characters)
this setting determines when the serial server will consider the recently
-received incoming data as being ready to transmit. As per the 24
MODBUS standard, frames will be marked as ‘bad’ if the time gap
between frames is greater than 1.5 characters, but less than the
Character Timeout value.

The serial server also uses this parameter to determine the time gap inserted between frames. It is
measured in ‘characters’ and related to baud rate.

Example: If the baud rate is 9600bps, it takes approximately 1ms to move one character. With the
Character Timeout set to 4, the timeout period is 4ms. When the calculated time is less than 3.5ms, the
serial server will set the character timeout to a minimum value of 3.5ms.

If the baud rate is greater than 19200bps, the minimum character timeout is internally set to 750us
(microseconds).

Maximum Packet Size

Defines the buffer size that the serial server will use to receive data Values (bytes)
from the serial port. When the server detects that the Character
Timeout criteria has been met, or the buffer is full, it packetizes the 256
received frame and transmits it.

No-Connection Data
When enabled the data will continue to buffer received on the serial Values (selection)
data port when the radio loses synchronization. When disabled the
BulletPlusAC will disregard any data received on the serial data port Disable / Enable
when radio synchronization is lost.

MODBUS TCP Status

This option will enable or disable the MODBUS decoding and Values (selection)
encoding features.
Disable / Enable

IP Protocol Config
This setting determines which protocol the serial server will use to Values (selection)
transmit serial port data over the BulletPlusAC network.
TCP Client
The protocol selected in the IP Protocol Config field will determine TCP Server
which configuration options appear in the remainder of the RS232 TCP Client/Server
Configuration Menu. UDP Point-to-Point
SMTP Client
PPP
GPS Transparent Mode

© Microhard 134
4.0 Configuration

IP Protocol Config
This setting determines which protocol the serial server will use to Values (selection)
transmit serial port data over the BulletPlusAC network.
TCP Client
The protocol selected in the IP Protocol Config field will determine TCP Server
which configuration options appear in the remainder of the RS232 TCP Client/Server
Configuration Menu. UDP Point-to-Point
SMTP Client
PPP
GPS Transparent Mode

TCP Client: When TCP Client is selected and data is received on its serial port, the BulletPlusAC takes
the initiative to find and connect to a remote TCP server. The TCP session is terminated by this same unit
when the data exchange session is completed and the connection timeout has expired. If a TCP
connection cannot be established, the serial port data is discarded.

• Remote Server Address

IP address of a TCP server which is ready to accept serial port data through a TCP
connection. For example, this server may reside on a LAN network server.
Default: 0.0.0.0
UDP: User Datagram
Protocol does not provide • Remote Server Port
sequencing information for A TCP port which the remote server listens to, awaiting a session connection request from
the packets sent nor does it
establish a
the TCP Client. Once the session is established, the serial port data is communicated from
’connection’ (‘handshaking’) the Client to the Server.
and is therefore most suited Default: 20001
to communicating small
packets of data.
• Outgoing Connection Timeout
This parameter determines when the BulletPlusAC will terminate the TCP connection if the
connection is in an idle state (i.e. no data traffic on the serial port).
Default: 60 (seconds)

TCP Server: In this mode, the BulletPlusAC Series will not INITIATE a session, rather, it will wait for a
Client to request a session of it (it’s being the Server—it ‘serves’ a Client). The unit will ‘listen’ on a specific
TCP port. If a session is established, data will flow from the Client to the Server, and, if present, from the
Server to the Client. If a session is not established, both Client-side serial data, and Server-side serial
data , if present, will be discarded.

TCP: Transmission Control

Protocol in contrast to UDP
• Local Listening Port
does provide sequencing The TCP port which the Server listens to. It allows a TCP connection to be created by a TCP
information and is connection Client to carry serial port data.
-oriented; a more reliable Default: 20001
protocol, particularly when
large amounts of data are
being communicated. • Incoming Connection Timeout
Requires more bandwidth
Established when the TCP Server will terminate the TCP connection is the connection is in
than UDP. an idle state.
Default: 300 (seconds)

© Microhard 135
4.0 Configuration

IP Protocol Config (Continued…)

TCP Client/Server: In this mode, the BulletPlusAC will be a combined TCP Client and Server, meaning
that it can both initiate and serve TCP connection (session) requests. Refer to the TCP Client and TCP
Server descriptions and settings described previously as all information, combined, is applicable to this
mode.

UDP Point-to-Point: In this configuration the BulletPlusAC will send serial data to a specifically-defined
A UDP or TCP port is an
application end-point. The IP point, using UDP packets. This same BulletPlusAC will accept UDP packets from that same point.
address identifies the device
and, as an extension of the IP • Remote IP Address
address, the port essentially IP address of distant device to which UDP packets are sent when data received at serial port.
‘fine tunes’ where the data is
to go ‘within the device’.
Default: 0.0.0.0

Be careful to select a port • Remote Port

number that is not UDP port of distant device mentioned above.
predetermined to be Default: 20001
associated with another
application type, e.g. HTTP
uses port 80.
• Listening Port
UDP port which the IP Series listens to (monitors). UDP packets received on this port are
forwarded to the unit’s serial port.
Default: 20001

SMTP Client: If the BulletPlusAC has Internet access, this protocol may be used to send the data
received on the serial port (COM1), in a selectable format (see Transfer Mode (below)), to an e-mail
addressee. Both the SMTP Server and the e-mail addressee must be ‘reachable’ for his feature to
function.

• Mail Subject
Enter a suitable ‘e-mail subject’ (e-mail heading).
Default: COM1 Message
Multicast is a one-to-many
transmission of data over an • Mail Server (IP/Name)
IP network. It is an efficient IP address or ‘Name’ of SMTP (Mail) Server.
method of transmitting the Default: 0.0.0.0
same data to many
recipients. The recipients
must me members of the • Connection Security
specific multicast group.
Select the security type used by email provider//server. (SSL/TLS, STARTTLS)
Default: SSL/TLS

• Username/Password
Enter the username/password for the outgoing email account to be used.
Default: none

• Mail Recipient
A valid e-mail address for the intended addressee, entered in the proper format.
Default: host@
TTL: Time to Live is the
number of hops a packet can • Message Max Size
travel before being discarded.
Maximum size for the e-mail message.
In the context of multicast, a Default: 1024
TTL value of 1 restricts the
range of the packet to the
same subnet. • Timeout (s)
How long the unit will wait to gather data from the serial port before sending an e-mail
message; data will be sent immediately upon reaching Message Max Size.
Default: 10

• Transfer Mode
Select how the data received on COM1 is to be sent to the email addressee. Options
are: Text, Attached File, Hex Code.
Default: Text

© Microhard 136
4.0 Configuration

IP Protocol Config (Continued…)

PPP: COM1 can be configured as a PPP server for a serial connection with a PC or other device. The
attached PC could then use a dedicated serial (Windows - dialup/modem) type PPP connection to access
the network resources of the BulletPlusAC. Note: Console (if configured as data port) does not support this
mode.

• PPP Mode
Can be set for Active or Passive. If set for Active, the PPP server will initiate the PPP
connection with a PPP client. The server will periodically send out link requests following PPP
protocol. If set to Passive, the PPP server will not initiate the PPP connection with PPP client.
The server will wait passively for the client to initiate connection.
Default: Passive

SMTP: Simple Mail • Expected String

Transport Protocol is a When a client (PC or device) initiates a PPP session with the modem, this is the handshaking
protocol used to transfer
mail across an IP string that is expected in order to allow a connection. Generally this doe not need to be
network. changed.
Default: CLIENT

• Response String
This is the handshaking string that will be sent by the modem once the expected string is
received. Generally this does not need to be changed.
Default: CLIENTSERVER

• PPP LCP Echo Failure Number

The PPP server will presume the peer to be dead if the LCP echo-requests are sent without
receiving a valid LCP echo-reply. If this happens, PPP server will terminate the connection.
Use of this option requires a non-zero value for the LCP Echo Interval parameter. This option
can be used to enable PPP server to terminate after the physical connection has been
broken (e.g., the modem has hung up).
Default: 0

• PPP LCP Echo Interval

The PPP server will send an LCP echo-request frame to the peer every ‘n’ seconds. Normally
the peer should respond to the echo-request by sending an echo-reply. This option can be
used with the LCP-echo-failure option to detect that the peer is no longer connected.
Default: 0

• PPP Local IP
Enter the local PPP IP Address, the IP Address of the IPn4G COM0 Port.
Default: 192.168.0.1

• PPP Host IP
Enter the PPP Host IP here. This is the IP of the PC or attached device.
Default: 192.168.0.99

• PPP Idle Timeout(s)

It is the timeout for tearing down the ppp connection when there is no data traffic within the
time interval. When there is data coming, new ppp connection will be created.
Default: 30

© Microhard 137
4.0 Configuration

IP Protocol Config (Continued…)

GPS Transparent Mode: When in GPS Transparent Mode, GPS data is reported out the serial port at
1 second intervals. Sample output is shown below:

Image 4-9-3: Serial > GPS Transparent Mode

© Microhard 138
4.0 Configuration

4.10 I/O

4.10.1 I/O > Settings

The BulletPlusAC has 2 programmable I/O’s, which can be used with various alarms and sensors for
monitoring, telling the modem when certain events have occurred, such as an intrusion alarm on a door,
etc. Any of the I/O’s can also be programmed to operate as a output, that can be used to drive external
relays to remotely control equipment and devices. The I/O pins are available on the back connector shared
with the input power (1&2).

The Status of the I/O’s can be read, and in the case of outputs, can be operated in the WebUI. Alerts can
be setup to send SMS Messages if I/O Status changes, as well, SMS control messages can be sent to the
device to trigger events. SNMP and/or Modbus can be used to poll for the status, or set controls. See the
appropriate sections of the manual for more information.

Image 4-10-1: I/O Settings

Settings

The Settings menu is used to configure a I/O as either a Input or an Output. If configured as an output, the
user can also set the output as open or closed. The output pin on the BulletPlusAC can be used to provide
output signals, which can be used to drive an external relay to control an external device. See Table 4-9-1
for I/O specifications.

Status

The Status section will display the current state and measured voltage (Meter) of any I/O’s configured as
inputs. The WebUI will also display the current state of each control output.

© Microhard 139
4.0 Configuration

Name Description Parameter Min. Typ. Max Units

I/O 1 - 2 Input low state voltage VIL -0.5 0 1.2 V
(Input) range
Input high state voltage VIH 1.5 3.3 30 V
range
Input leakage current IIN —- 58 —- µA
(3.3 VDC IN)
Typical application input source is a dry switch contact to ground.
Pin includes an internal 56KΩ resistor pull up to 3.3 VDC.
I/O 1 - 2 Open drain drive to Idc —- 100 110 mA
(Output) ground
Maximum open circuit Voc —- 3.3 30 V
voltage applied
Typical application is to drive a relay coil to ground.
Table 4-10-1: Digital I/O Specifications

© Microhard 140
4.0 Configuration

4.11 GPS

4.11.1 GPS > Location

Location Map

The location map shows the location on the BulletPlusAC. The unit will attempt to get the GPS coordinates
from the built in GPS receiver, and if unsuccessful, will use the Cell ID location reported by the Cellular
Carrier.

Image 4-11-1: GPS > Location Map

The maps can be viewed with either Bing or Google maps by using the option located at the bottom, right
hand corner near the refresh option.

If the unit had a GPS signal (GPS Module enabled and antenna attached), it will report the specific GPS
coordinates of the modem, otherwise only the estimated coordinates reported by the Carrier.

© Microhard 141
4.0 Configuration

4.11.2 GPS > Settings

The BulletPlusAC can be polled for GPS data via GPSD standards and/or provide customizable reporting
to up to 4 different hosts using UDP or Email Reporting. GPS is an optional feature of the BulletPlusAC,
and must be specified at the time of order and factory prepared. If the screen below are not available on
your unit, you do not have a GPS enabled model.

Image 4-11-2: GPS > Settings

GPS Status
Enable or disable the GPS polling function of the BulletPlusAC. Values
Disable / Enable

GPS Source
The BulletPlusAC contains an standalone GPS module built into the unit. Values
To use the GPS features of the BulletPlusAC an antenna must be
connected to the GPS Antenna Port. Standalone GPS
Cellular Module GPS

TCP Port
Specify the TCP port on the BulletPlusAC where the GPS service is Values
running and remote systems can connect and poll for GPSD data.
2947

GPS Online Assistance

When enabled the BulletPlusAC will use the internet to download a file at Values
bootup with information about its location to assist in quickly connecting to
GPS satellites. This service does consume a small amount of data. Enable

© Microhard 142
4.0 Configuration

4.11.3 GPS > Report

The BulletPlusAC can provide customizable reporting to up to 4 hosts using UDP or Email Reporting.

Image 4-11-3: GPS > GPS Report

Report Define
Enable UDP and/or Email or disable GPS Reporting. Up to 4 reports can Values (selection)
be set up and configured independently.
Disable
UDP Report
Email Report

Time Interval
The interval timer specifies the frequency at which the GPS data is Values (seconds)
reported in seconds.
600

© Microhard 143
4.0 Configuration

Message 1-4
The Message field allows customization of up to 4 different GPS messages Values (selection)
to be sent to the specified host.
None
None - Message is not used, no data will be sent ALL NMEA
ALL - Sends all of the below GGA
GGA - GPS Fix Data GSA
GSA - Overall Satellite Data GSV
GSV - Detailed Satellite Data RMC
RMC - Recommended Min Data for GPS VTG
VTG - Vector Track & Ground Speed Latitude/Longitude
GPSGate - For use with GPSGate Tracking Software GPSGate UDP Protocol

Trigger Set
The trigger condition defines the conditions that must be met before a GPS Values (selection)
update is reported. If OR is chosen, the Repeater Timer OR the Distance
trigger conditions must be met before an update is sent. The AND Only Timer
condition, requires that both the Repeat timer AND the Distance trigger Timer AND Distance
conditions be met before an update is sent. Timer OR Distance

Distance Set
The distance parameter allows the GPS data to only be sent when a Values (meters)
specified distance has been traveled since the last report.
1000

UDP Remote IP / Port

This is the IP Address and port of the remote host in which the UDP Values (Address/Port)
packets are to be sent.
0.0.0.0 / 20175

Mail Subject
If an Email report is chosen, the subject line of the Email can be defined Values (characters)
here.
1000

Mail Server
If an Email report is to be sent, the outgoing mail server must be defined, Values (Address:port)
and the port number.
smtp.gmail.com:465

Username / Password
Some outgoing mail servers required username and password to prevent Values (characters)
an account being used for spam. Enter the login credentials here.
Username / password

Mail Recipient
Some outgoing mail servers require a username and password to prevent Values (characters)
an account being used for spam. Enter the login credentials here.
[email protected]

© Microhard 144
4.0 Configuration

4.11.4 GPS > GpsGate

The BulletPlusAC is compatible with GpsGate - GPS Tracking Software, which is a 3rd party mapping
solution used for various GPS services including vehicle and asset tracking The BulletPlusAC can
communicate with GpsGate via Tracker Mode and TCP/IP. (UDP reporting can also send information to
GpsGate, see the GPS > Report - UDP Reports)

Image 4-11-4: GPS > GpsGate Tracker Mode

GpsGate - Tracker Mode

Mode Set
Enable GpsGate Tracker Mode or TCP modes. In tracker mode The Values (selection)
BulletPlusAC and GpsGate software will communicate via TCP/IP,
however if a connection is not available it will attempt to use SMS Disable
messaging. Enable Tracker Mode
Enable TCP Send Mode

Server Command Channel

By default BulletPlusAC and GpsGate will use TCP and SMS to ensure Values (seconds)
communication between each other. It is also possible to specify TCP or
SMS communication only. Initial setup in Tracker mode must be via SMS. TCP and SMS
TCP Only
SMS Only

TCP Alive Mode / Alive Time Interval

TCP alive mode will keep TCP connection alive if tracker is not enabled or Values (seconds)
the tracker interval is too long. The default is 150 seconds.
150

© Microhard 145
4.0 Configuration

Setup Phone Filter

A phone number filter can be applied to prevent SMS commands not Values (selection)
intended for the BulletPlusAC from being processed.
Disable: Accept All
Enable Filter

Motion Trigger
Use this parameter to enable or disable the motion trigger in the Values (selection)
BulletPlusAC.
Disable
Enable Motion Trigger

Send IO Status
When enabled, the BulletPlusAC will send the current status of the Digital I/ Values (selection)
O inputs and/or outputs to the GpsGate Server.
Disable
Send Input Status
Send Output Status
Send Input&Output Status

When GPS Invalid, Sending Data

Specify what happens when the GPS data is invalid, either use the last Values (selection)
valid position or do not use the last valid position.
Not Use Last Valid Position
Use Last Valid Position

GpsGate - TCP Mode

Image 4-11-5: GPS > GpsGate TCP Mode

© Microhard 146
4.0 Configuration

Mode Set
Enable GpsGate Tracker Mode or TCP modes. In TCP Mode the Values (selection)
BulletPlusAC will establish a connection with the GpsGate Server directly
without the SMS setup process. If the TCP connection is not available, the Disable
BulletPlusAC will continue to try to connect every few seconds. Enable Tracker Mode
Enable TCP Send Mode

Server Address / IP
Enter the IP Address of the server running the GpsGate application. Values (IP Address)
0.0.0.0

Server Port
Enter the TCP Port of the server running the GpsGate application. Values (Port)
30175

Server Interval
Define the interval at which the BulletPlusAC will send data to the GpsGate Values (seconds)
Server.
60

Motion Distance
Set the motion threshold in which the BulletPlusAC will be triggered to send Values (meters)
location data.
100

Send IO Status
When enabled, the BulletPlusAC will send the current status of the Digital I/ Values (selection)
O inputs and/or outputs to the GpsGate Server.
Disable
Send Input Status
Send Output Status
Send Input&Output Status

When GPS Invalid, Sending Data

Specify what happens when the GPS data is invalid, either use the last Values (selection)
valid position or do not use the last valid position.
Not Use Last Valid Position
Use Last Valid Position

© Microhard 147
4.0 Configuration

4.11.5 GPS > UDPTracker

The BulletPlusAC can be configured to send GPS information via UDP packets to a server based on a time
interval and/or motion trigger. The report can be sent to up to 4 servers.

Image 4-11-6: GPS > UDPTracker

Report No. Status

Use the Report No Status to enable or disable the reporting of UDP Values (selection)
packets to the specified servers.
Disable
Enable

Server Address/IP & Port

Set the server IP address and port number for which to send the Values (IP/port)
UDPTracker UDP packets.
0.0.0.0.0 / 30175

Send Interval
Set the interval for which to send UDPTracker UDP packets to the server. Values (seconds)
The default is 60 seconds.
60 (1-99999)

© Microhard 148
4.0 Configuration

Send IP Status
When sending the UDP packet at the defined interval or when triggered by Values (selection)
the Motion Trigger, also include the status of the I/O’s.
Disable
Send Input Status
Send Output Status
Send Input&Output Status

Send WWAN’s RSSI

When sending the UDP packet at the defined interval or when triggered by Values (selection)
the Motion Trigger, also include the WWAN’s RSSI Status.
Disable
Send RSSI Status

Motion Trigger
Enable the Motion Trigger which is trigger a UDP update when the defined Values (selection)
distance threshold has been exceeded.
Disable
Enable Motion Trigger

Motion Trigger
Set the distance for which to travel before triggering the Motion Trigger. Values (meters)
500 (20-99999)

© Microhard 149
4.0 Configuration

4.11.6 GPS > Recorder

The BulletPlusAC can be configured to record events based on time intervals, and/or an event trigger and
store them in non-volatile memory. These events can then be viewed within the WebUI, on a map, or sent
to a remote server in a number of different formats.

Image 4-11-7: GPS > GPS Recorder Service

Status
Use the Status parameter to enable the GPS recording functionality of the Values (selection)
BulletPlusAC. The total number of records that can be recorded varies
between 16,000 and 36,000, depending on the number of GPS parameters Disable
that are recorded. Enable GPS Recorder

Time Interval
Define the interval at which the BulletPlusAC will record GPS data. If there Values (seconds)
is no valid data available at the specified time (i.e. no connected satellites),
the unit will wait until the next time valid information is received. 300

DI/DO Changed
The BulletPlusAC can detect and report the current GPS info when a digital Values (selection)
input or output status changes, regardless of the time interval setting.
Record / Don’t Record

© Microhard 150
4.0 Configuration

Speed
Select Record to include the current speed in the reported data. Values (selection)
Record / Don’t Record

Over Speed
Trigger a GPS record entry when the speed has exceeded the configured Values (Km/hr)
threshold. A minimum of 30 Km/hr is required.
120

Orientation
Select Record to record the current orientation when a GPS entry is Values (selection)
recorded. (Degree to North).
Record / Don’t Record

Orientation Changed
Record a GPS, regardless of the time interval, if the orientation of the unit Values (5 ~ 180)
changes. (5 ~ 180: 180 = Disable)
60

Carrier RSSI Level

Select Record to record the current 3G/Cellular RSSI level when a GPS Values (selection)
entry is recorded. (-dB).
Record / Don’t Record

Altitude
Select Record to record the current Altitude when a GPS entry is recorded Values (selection)
(meters).
Record / Don’t Record

© Microhard 151
4.0 Configuration

4.10.6 GPS > Load Record

Data that has been recorded and saved by the BulletPlusAC can then be viewed or sent to a remote server
in various formats. The data recorded can also be viewed directly by selecting “View Data” and the data
can be traced on a map (internet access required), by selecting “Trace Map”, or “Quick Trace”. The
screenshots below show the raw data that can be viewed and the Trace Map/Quick Trace output.

Image 4-11-8: GPS > GPS Load Record

© Microhard 152
4.0 Configuration

Record Time Range

Check the boxes next to the records listed above that are to be sent to the Values (selection)
server.
(no default)

Send Mode / Protocol

Specify the data format / protocol type for the data to be sent. Values (selection)
NMEA via UDP
NMEA via TCP
GpsGate via UDP
GpsGate via TCP
Plain Text via UDP
Plain Text via TCP

Server Address/IP
Enter the address or IP address of the remote server to which the data is to Values (IP)
be sent.
nms.microhardcorp.com

Server Port
Enter the UDP/TCP port number of the remote server to which the data is Values (Port)
to be sent.
30175

© Microhard 153
4.0 Configuration

4.11.8 GPS > TAIP

The BulletPlusAC has the ability to send GPS data in TAIP (Trimble ASCII Interface Protocol) format to up
to 4 different TAIP servers. The following section describes the configuration parameters required to
initialize TAIP reporting.

Image 4-11-9: GPS > TAIP

TAIP service status

Enable or disable TAIP service on the modem. The unit can report TAIP to Values (selection)
up to 4 different hosts.
Enable / Disable

Remote TAIP Server

Enter the IP Address of the Remote TAIP Server. Values (IP Address)
0.0.0.0

Socket Type
Select the socket type that is used by the Remote TAIP server. Select TCP Values (selection)
or UDP, this will define how the connection (TCP) or data is sent (UDP) to
the server. UDP / TCP

Remote TAIP Port

Enter the TCP or UDP port number used on the Remote TAIP server. Values (TCP/UDP)
UDP / TCP

© Microhard 154
4.0 Configuration

Message Type
Select between RPV and RLN message types. Values (selection)
RPV - Position/Velocity RPV / RLN
RLN - Long Navigation Message

Interval
Set the frequency at which TAIP messages are reported to the remote Values (seconds)
server. The unit used is seconds, and the default value is 60 seconds.
60

Vehicle ID
Set the Vehicle ID using 4 alpha-numeric characters. Values (chars)
0000

© Microhard 155
4.0 Configuration

4.12 Apps

4.12.1 Apps > Modbus

4.12.1.1 Modbus > TCP Modbus

The BulletPlusAC can be configured to operate as a TCP/IP or Serial (COM) Modbus slave and respond to
Modbus requests and report various information as shown in the Data Map.

Image 4-12-1: Apps > Modbus

Status
Disable or enable the Modbus service on the BulletPlusAC. Values (selection)
Disable Service
Enable Service

TCP Mode Status

Disable or enable the Modbus TCP Connection Service on the Values (selection)
BulletPlusAC.
Disable
Enable

© Microhard 156
4.0 Configuration

Port
Specify the Port in which the Modbus TCP service is to listen and respond Values (Port #)
to polls.
502

Active Timeout(s)
Define the active timeout in seconds. Values (seconds)
30

Slave ID
Each Modbus slave device must have a unique address, or Slave ID. Enter Values (value)
this value here as required by the Modbus Host System.
1

Coils Address Offset

Enter the Coils Address offset as required by the Master. Values (value)
0

Input Address Offset

Enter the Input Address offset as required by the Master. Values (value)
0

Register Address Offset

Enter the Register Address offset as required by the Master. Values (value)
0

Master IP Filter Set

It is possible to only accept connections from specific Modbus Master IP’s, Values (selection)
to use this feature enable the Master IP Filter and specify the IP Addresses
in the fields provided. Disable / Enable

© Microhard 157
4.0 Configuration

4.12.1.2 Modbus > COM (Serial) Modbus

The BulletPlusAC can also participate in serial based Modbus, to configure and view the serial Modbus
settings, the COM1 port must first be disabled in the Comport > Settings menu. Only the settings that are
different from TCP Modbus will be discussed.

Image 4-12-2: Apps > Modbus Serial Configuration

COM Mode Status

Disable to select the Serial (COM) mode for the Modbus service. In RTU Values (selection)
mode, communication is in binary format and in ASCII mode,
communication is in ASCII format. Disable
Enable COM ASCII Mode
Enable COM RTU Mode

Baud Rate
The serial baud rate is the rate at which the modem is to Values (selection (bps))
communicate with the attached local serial device.
921600 57600 14400 3600
460800 38400 9600 2400
230400 28800 7200 1200
115200 19200 4800 600

Data Format
This setting determines the format of the data on the serial port. Values (selection)
The default is 8 data bits, No parity, and 1 Stop bit.
8N1 / 8E1 / 8O1

© Microhard 158
4.0 Configuration

4.12.1.3 Modbus > Modbus Data Map

Image 4-12-3: Applications > Modbus Data Map

© Microhard 159
4.0 Configuration

4.12.2 Apps > Netflow Report

The BulletPlusAC can be configured to send Netflow reports to up to 4 remote systems. Netflow is a tool
that collects and reports IP traffic information, allowing a user to analyze network traffic on a per interface
basis to identity bandwidth issues and to understand data needs. Standard Netflow Filters can be applied
to narrow down results and target specific data requirements.

Image 4-12-4: Apps > Netflow Report

Status
Enable / Disable Netflow Reporting. Values (selection)
Disable / Enable

Source Address
The Source Address is the IP Address, of which data is to be collected and Values (IP Address)
analyzed. The default of 0.0.0.0 will collect and report information about all
addresses connected to the interface selected below.
0.0.0.0

Interface
Select between LAN, WAN and Carrier interfaces, or capture data from all Values (selection)
interfaces.
LAN / WAN / WAN2 /
WWAN / ALL

© Microhard 160
4.0 Configuration

Remote IP
The Remote IP is the IP Address of the NetFlow collector where the flow Values (IP Address)
reports are be sent.
0.0.0.0

Remote Port
Enter the Remote Port number. Values (IP Address)

Filter expression
Filter expression selects which packets will be captured. If no expression is Values (chars)
given, all packets will be captured. Otherwise, only packets for which
expression is `true' will be captured. Example: tcp&&port 80
(no default)
The “tcpdump” manual, available on the internet provides detailed expression syntax.

© Microhard 161
4.0 Configuration

4.12.3 Apps > Local Monitor

The Local Device Monitor allows the BulletPlusAC to monitor a local device connected locally to the
Ethernet port or to the locally attached network. If the BulletPlusAC cannot detect the specified IP or a
DHCP assigned IP, the unit will restart the DHCP service, and eventually restart the modem to attempt to
recover the connection.

Image 4-12-5: Apps > Local Monitor

Status
Enable or disable the local device monitoring service. Values (selection)
Disable / Enable

IP Mode
Select the IP mode. By selecting a fixed IP address the service will monitor Values (selection)
the connection to that specific IP. If auto detect is selected, the
BulletPlusAC will detect and monitor DHCP assigned IP address. Fixed local IP
Auto Detected IP

Local IP Setting
This field is only shown if Fixed Local IP is selected for the IP Mode. Enter Values (IP)
the static IP to be monitored in this field.
0.0.0.0

Status Timeout
The status timeout is the maximum time the BulletPlusAC will wait to detect Values (seconds)
the monitored device. At this time the BulletPlusAC will restart the DHCP
service. (5-65535 seconds) 10

Waiting DHCP Timeout

This field defines the amount of time the BulletPlusAC will wait to detect the Values (seconds)
monitored device before it will reboot the modem. (30-65535 seconds)
60

© Microhard 162
4.0 Configuration

4.12.4 Applications > Event Report

4.12.4.1 Event Report > Configuration

Event Reporting allows the BulletPlusAC to send periodic updates via UDP packets. These packets are
customizable and can be sent to up to 3 different hosts, and at a programmable interval. The event packet
can report information about the modem such as the hardware/ software versions, core temperature,
supply voltage, etc; carrier info such as signal strength (RSSI), phone number, Band; or about the WAN
such as if the assigned IP Address changes. All events are reported in binary.

Image 4-12-6: Applications > Event Report

Event Type
This box allows the selection of the type of event to be reported. The Values (selection)
default is disabled. If Modem_event is selected, additional options appear
to the right and allow for customization of the event reported via Messages. Modem_Event
If Management is selected, additional check boxes appear below to select SDP_Event
the interfaces to report to the Microhard NMS system. Management

Remote IP
Enter the IP Address of a reachable host to send the UDP packets Values (IP Address)
0.0.0.0

© Microhard 163
4.0 Configuration

Remote Port
Specify the UDP port number of the Remote IP Address. Values (Port #)
*Default Port Numbers for Microhard NMS (20100 for modem events, 20200 for 20200
Management)

Interval Time(s)
This is the interval time in seconds, that the BulletPlusAC will send the Values (seconds)
configured UDP message to the Remote IP and Port specified.
600

Message Info Type

When Modem_Event is selected, up to three different payloads can be Values (seconds)
selected.
Modem
Carrier
WAN

4.12.4.2 Event Report > Message Structure

Modem_event message structure

- fixed header (fixed size 20 bytes)

- Modem ID (uint64_t (8 bytes))
- Message type mask (uint8_t(1 byte))
- reserved
- packet length (uint16_t(2 bytes))
Note: packet length = length of fixed header + length of message payload.

Message type mask

Modem info - 2 bits

00 no
01 yes (0x1)
Carrier info - 2 bits
00 no
01 yes (0x4)
WAN Info - 2 bits
00 no
01 yes (0x10)

sdp_event message structure

- spd_cmd (1 byte(0x01))
- content length (1 byte)
- spd_package - same as spd response inquiry package format

© Microhard 164
4.0 Configuration

4.12.4.3 Event Report > Message Payload

Modem info:

Content length - 2 BYTES (UINT16_T)

Modem name - STRING (1-30 bytes)
Hardware version - STRING (1-30 bytes)
Software version - STRING (1-30 bytes)
Core temperature - STRING (1-30 bytes)
Supply voltage - STRING (1-30 bytes)
Local IP Address - 4 BYTES (UINT32_T)
Local IP Mask - 4 BYTES (UINT32_T)

Carrier info:

Content length - 2 BYTES (UINT16_T)

RSSI - 1 BYTE (UINT8_T)
RF Band - 2 BYTES (UINT16_T)
LTE_Network - STRING (1-30 Bytes)
Service type - STRING (1-30 Bytes)
Channel number - STRING (1-30 Bytes)
SIM card number - STRING (1-30 Bytes)
Phone number - STRING (1-30 Bytes)

WAN Info:

Content length - 2 BYTES (UINT16_T)

IP address - 4 BYTES (UINT32_T)
DNS1 - 4 BYTES (UINT32_T)
DNS2 - 4 BYTES (UINT32_T)

Message Order:

Messages will be ordered by message type number.

For example,

If message type mask = 0x15, the eurd package will be equipped by header+modem information+carrier
information+wanip information.

If message type mask = 0x4, the eurd package will be equipped by header+carrier information.

If message type mask = 0x11, the eurd package will be equipped by header+modem infomation+wanip
infomation.

a fixed message tail

content length --- 2 BYTES(UINT16_T)
product name --- STRING(1—64 bytes)
image name --- STRING(1—64 bytes)
domain name --- STRING(1—64 bytes)
domain password --- STRING(32 bytes) // MD5 encryption
module list --- 5 BYTES // radio, ethernet, carrier, usb, com

© Microhard 165
4.0 Configuration

4.13 Diag

4.13.1 Network Tools Ping

The Network Tools Ping feature provides a tool to test network connectivity from within the unit. A user can
use the Ping command by entering the IP address or host name of a destination device in the Ping Host
Name field, use Count for the number of ping messages to send, and the Packet Size to modify the size of
the packets sent.

Image 4-13-1: Diag > Ping

4.13.2 Network Tools Traceroute

The Traceroute feature can be used to provide connectivity data by providing information about the
number of hops, routers and the path taken to reach a particular destination.

Image 4-13-2: Diag > Traceroute

© Microhard 166
4.0 Configuration

4.13.3 Iperf
The BulletPlusAC features an integrated Iperf server/client to use to measure and analyze throughput of
TCP/UDP packets to and/or from the BulletPlusAC. Iperf is a 3rd party utility that can be loaded on any PC
to measure network performance. For additional information about Iperf, please visit the Iperf website.

The BulletPlusAC can be configured to operate as a Server, listening for an incoming connection from
another device (with Iperf), or PC running an Iperf client. If set to Iperf client, the BulletPlusAC will connect
to or send packets to a specified Iperf server.

Image 4-13-3: Diag > Iperf

Iperf Mode
Select between an Iperf Server (listens for incoming connections) and Values (selection)
client (initiates a connection with a server)
Server / Client

Server Status
If the Iperf mode to set to Server, this Server Status allows a user to Values (selection)
Enable or Disable the server.
Enable / Disable

Protocol
Select the type of packets to be sent to test the throughput. TCP packets Values (selection)
are connection oriented and require additional overhead for the
handshaking that occurs, while UDP is a connectionless, best effort TCP / UDP
oriented protocol.

© Microhard 167
4.0 Configuration

TCP Window Size

Set the TCP Window size for the Iperf Cleint/Server. The recommended Values (kbytes)
default is 85.3K, which can be set by entering 0.
0

TCP Maximum Segment Size

Set the TCP Max Segment Size for the Iperf Cleint/Server. Set to 0 for Values (string)
recommended settings.
0

Remote Server Address

When in Client mode, select the Iperf Server by entering its IP Address Values (IP Address)
here.
192.168.168.100

Duration
When in Client mode, select the duration of the test (in seconds). The Values (seconds)
default is 5.
5

Report Format
Select the format to display the bandwidth numbers in. Supported formats Values (selection)
are:
'Kbits' = Kbits/sec 'Kbytes' = KBytes/sec Kbits
'Mbits' = Mbits/sec 'M'bytes = MBytes/sec Mbits
Kbytes
Mbytes

© Microhard 168
4.0 Configuration

4.14 Admin

4.14.1 Admin > Users

Password Change

The Password Change menu allows the password of the user ‘admin’ to be changed. The ‘admin’
username cannot be deleted, but additional users can be defined and deleted as required as seen in the
Users menu below.

Image 4-14-1: Users > Password Change

New Password
Enter a new password for the ‘admin’ user. It must be at least 5 Values (characters)
characters in length. The default password for ‘admin’ is ‘admin’.
admin

Confirm Password
The exact password must be entered to confirm the password change, Values (characters)
if there is a mistake all changes will be discarded.
admin

© Microhard 169
4.0 Configuration

Add Users

Different users can be set up with customized access to the WebUI. Each menu or tab of the WebUI can
be disabled on a per user basis as seen below.

Image 4-14-2: Access Control > Users

Username
Enter the desired username. Minimum or 5 character and maximum of Values (characters)
32 character. Changes will not take effect until the system has been
restarted. (no default)
Min 5 characters
Max 32 characters

Password / Confirm Password

Passwords must be a minimum of 5 characters. The Password must Values (characters)
be re-entered exactly in the Confirm Password box as well.
(no default)
min 5 characters

© Microhard 170
4.0 Configuration

4.14.2 Admin > NMS Settings

The Microhard NMS is a no cost server based monitoring and management service offered by
Microhard Systems Inc. Using NMS you can monitor online/offline units, retrieve usage data,
perform backups and centralized upgrades, etc. The following section describes how to get
started with NMS and how to configure the BulletPlusAC to report to NMS.

To get started with NMS, browse to the Microhard NMS website, nms.microhardcorp.com,
click on the register button in the top right corner to register for a Domain (profile), and set up a
Domain Administrator Account.

Image 4-14-4: Microhard NMS

© Microhard 171
4.0 Configuration

Domain Name: A logical management zone for 3G or 4G devices will report to on NMS, the logged data
is separated from any other users that are using NMS. The Domain Name is required in every 3G or 4G
device for it to report to right zone. Under this user domain, one can create and manage sub-domain. The
sub-domain can only be created by the domain administrator, NOT by the NMS subscription page.

Domain Password: This password is used to prevent misuse of the domain. This needs to be entered
into each Cellular device for it to report to the right zone.

Email Address: The email address entered here will be the login username. During the registration stage,
a confirmation email will be sent by the NMS system for verification and confirmation to activate your
account.

Once confirmed, this account will be the administrator of the domain. The administrator can manage sub-
domain and user accounts that belong to this domain.

Once NMS has been configured, each BulletPlusAC must be configured to report into NMS.

Image 4-14-3: NMS Settings

© Microhard 172
4.0 Configuration

Network Management System (NMS) Configuration

Default Settings
The default Settings link will reset the configuration form to the default factory values. The form still needs
to be submitted before any changes will occur.

NMS Server/IP
The default server address for NMS is nms.microhardcorp.com. The NMS Values (IP/Name)
can also be hosted privately, and if that is the case, enter the address here.
nms.microhardcorp.com

Domain Name / Password

This is the domain name and password that was registered on the NMS Values (chars)
website, it must be entered to enable reporting to the NMS system.
default

NMS Report Setting

Carrier Location
Enable or Disable location estimation via carrier connection. When Values (chars)
enabled, the BulletPlusAC will consume some data to retrieve location
information from the internet. Disable/Enable

Report Status
Enable or Disable UDP reporting of data to the NMS system. Values (chars)
Enable NMS Report
Disable NMS Report

Remote Port
This is the port to which the UDP packets are sent, and the NMS system is Values (UDP Port#)
listening on. Ensure this matches what is configured on NMS. The default
is 20200. 20200

Interval(s)
The Interval defines how often data is reported to NMS. The more often Values (seconds)
data is reported, the more data is used, so this should be set according to a
user’s data plan. (0 to 65535 seconds) 300

© Microhard 173
4.0 Configuration

Information Selection
The BulletPlusAC can report information about the different interfaces it Values (check boxes)
has. By default the BulletPlusAC is set to send information about the
Carrier, such as usage and RSSI. Statistical and usage data on the Radio Ethernet
(WiFi), Ethernet and Serial interfaces can also be reported.
Carrier
The more that is reported, the more data that is sent to the NMS system, Radio
be aware of data plan constraints and related costs. COM
DI / DO

Webclient Setting

Status
The Web Service can be enabled or disabled. This service is used to Values (chars)
remotely control the BulletPlusAC. It can be used to schedule reboots,
firmware upgrade and backup tasks, etc. Disable/Enable

Server Type
Select between HTTPS (secure), or HTTP server type. Values (chars)
HTTPS/ HTTP

Server Port
This is the port where the service is installed and listening. This port should Values (Port#)
be open on any installed firewalls.
9998

Username / Password
This is the username and password used to authenticate the unit. Values (seconds)
admin/admin

Interval
The Interval defines how often the BulletPlusAC checks with the NMS Values (min)
System to determine if there are any tasks to be completed. Carrier data
will be consumed every time the device probes the NMS system. 60

© Microhard 174
4.0 Configuration

4.14.4 Admin > SNMP

The BulletPlusAC may be configured to operate as a Simple Network Management Protocol

(SNMP) agent. Network management is most important in larger networks, so as to be able to
manage resources and measure performance. SNMP may be used in several ways:

• configure remote devices

• monitor network performance
• detect faults
• audit network usage
SNMP: Simple Network • detect authentication failures
Management Protocol
provides a method of A SNMP management system (a PC running SNMP management software) is required for this
managing network service to operate. This system must have full access to the BulletPlusAC. Communications is
devices from a single PC
running network in the form of queries (information requested by the management system) or traps (information
management software. initiated at, and provided by, the SNMP agent in response to predefined events).
Managed networked Objects specific to the BulletPlusAC are hosted under private enterprise number 21703.
devices are referred to as
SNMP agents.
An object is a variable in the device and is defined by a Management Information Database
(MIB). Both the management system and the device have a copy of the MIB. The MIB in the
management system provides for identification and processing of the information sent by a
device (either responses to queries or device-sourced traps). The MIB in the device relates
subroutine addresses to objects in order to read data from, or write data to, variables in the
device.

An SNMPv1 agent accepts commands to retrieve an object, retrieve the next object, set and
object to a specified value, send a value in response to a received command, and send a value
in response to an event (trap).

SNMPv2c adds to the above the ability to retrieve a large number of objects in response to a
single request.

SNMPv3 adds strong security features including encryption; a shared password key is utilized.
Secure device monitoring over the Internet is possible. In addition to the commands noted as
supported above, there is a command to synchronize with a remote management station.

The pages that follow describe the different fields required to set up SNMP on the BulletPlusAC.
MIBS may be requested from Microhard Systems Inc.

The MIB file can be downloaded directly from the unit using the ‘Get MIB File’ button on the
Admin > SNMP menu.

© Microhard 175
4.0 Configuration

SNMP Settings

Image 4-14-4: Admin > SNMP

SNMP Agent Status

If disabled, an SNMP service is not provided from the device. Values (selection)
Enabled, the device - now an SNMP agent - can support SNMPv1, v2,
& v3. Enable / Disable

Read Only Community Name

Effectively a plain-text password mechanism used to weakly Values (string)
authenticate SNMP queries. Being part of the community allows the
SNMP agent to process SNMPv1 and SNMPv2c requests. This public
community name has only READ priority.

© Microhard 176
4.0 Configuration

Read Only Community Name

Also a plain-text password mechanism used to weakly authenticate Values (string)
SNMP queries. Being part of the community allows the SNMP agent to
process SNMPv1 and SNMPv2c requests. This community name has private
only READ/WRITE priority.

Listening Port
Set the UDP port used for the SNMP protocol. Values (UDP Port)
161

SNMP Version
Select the SNMP version used for Set/Get events and SNMP traps Values (selection)
events.
Version 1
Version 2
Version 3

SNMP V3 User Name

Defines the user name for SNMPv3. Values (string)
V3user

V3 User Read Write Limit

Defines accessibility of SNMPv3; If Read Only is selected, the Values (selection)
SNMPv3 user may only read information; if Read Write is selected, the
SNMPv3 user may read and write (set) variables. Read Only / Read Write

V3 User Authentication Level

Defines SNMPv3 user’s authentication level: Values (selection)
NoAuthNoPriv: No authentication, no encryption.
AuthNoPriv: Authentication, no encryption. NoAuthNoPriv
AuthPriv: Authentication, encryption. AuthNoPriv
AuthPriv

V3 Authentication Protocol
Set the SNMP V3 Authentication Protocol. Only valid when V3 User Values (selection)
Authentication Level set to AuthNoPriv or AuthPriv.
MD5
SHA

V3 User Authentication Password

SNMPv3 user’s authentication password. Only valid when V3 User Values (string)
Authentication Level set to AuthNoPriv or AuthPriv.
00000000

© Microhard 177
4.0 Configuration

V3 Privacy Protocol
Set the SNMP V3 Privacy Protocol. Only valid when V3 User Values (selection)
Authentication Level set to AuthPriv.
DES
AES

V3 User Privacy Password

SNMPv3 user’s encryption password. Only valid when V3 User Values (string)
Authentication Level set to AuthPriv (see above).
00000000

SNMP Trap Settings

SNMP Trap Status

Enable SNMP Traps to be set when SNMP trap events are triggered. Values (selection)
Disable / Enable

Trap Community Name

The community name which may receive traps. Values (string)
TrapUser

Trap Manage Host IP

Defines a host IP address where traps will be sent to (e.g. SNMP Values (IP Address)
management system PC IP address).
0.0.0.0

Auth Failure Traps

If enabled, an authentication failure trap will be generated upon Values (selection)
authentication failure.
Disable / Enable

Trap Selection
Enable/Select which SNMP traps that should be sent when the modem Values (varies)
detects an event:
RSSI Threshold: 90 (-dBm)
RSSI - Set the RSSI threshold and Interval of when to send traps. Interval: 90
Roaming - Send a trap when unit enters Roaming status. Roaming Interval: 90
IO Setting / IO Status - Send SNMP trap for when IO status changes.

WAN IP - Send SNMP trap when WAN IP is changed.

© Microhard 178
4.0 Configuration

4.14.5 Admin > Discovery

Microhard Radio employ a discovery service that can be used to detect other Microhard Radio’s on a
network. This can be done using a stand alone utility from Microhard System’s called ‘IP Discovery’ or from
the Admin > Discovery menu. The discovery service will report the MAC Address, IP Address, Description,
Product Name, Firmware Version, Operating Mode, and the SSID.

Image 4-14-5: Admin > Discovery Settings

Discovery Service Status

Use this option to disable or enable the discovery service. Values (selection)
Disable / Enable

Server Port Settings

Specify the port running the discovery service on the BulletPlusAC Values (Port #)
unit.
20097

Network Discovery
The Network discovery tool allows the BulletPlusAC to send a broadcast to all Microhard Cellular units on
the same network. Other units on the network will respond to the broadcast and report their MAC address,
IP address (With a hyperlink to that units WebUI page), description, firmware version.

The discovery service can be a useful troubleshooting tool and can be used to quickly find and indentify
other units on the network.

© Microhard 179
4.0 Configuration

4.14.6 System > Logout

The logout function allows a user to end the current configuration session and prompt for a login
screen.

Image 4-14-6: System > logout

© Microhard 180
5.0 AT Command Line Interface

5.1 AT Command Overview

AT Commands can be issued to configure and manage the BulletPlusAC, via the back serial port
(Console), or by TCP/IP (telnet).

5.1.1 Serial Port

To connect and access the AT Command interface on the BulletPlusAC, a physical connection must be
made on the Console (TX/RX) serial port on the back of the BulletPlusAC A terminal emulation program
(Hyperterminal, Tera Term, ProComm, Putty etc) can then be used to communicate with the BulletPlusAC.
The port settings of this port can be modified by changing the settings of the Console Port, in the Serial
configuration menus.

Default Settings:

Baud rate: 115200

Data bits: 8

Parity: None

Stop Bits: 1

Flow Control: None

Image 5-1: Console Port Settings

Once communication is established, a login is required to access the AT Command interface, once logged
in, the AT Command Line Interface menu is displayed. Type “?” or Help to list the menu commands.

Default Settings:

BulletPlusAC login: admin

Password: admin

Image 5-2: AT Command Window

© Microhard 181
5.0 AT Command Line Interface

5.1.2 Telnet (TCP/IP)

Telnet can be used to access the AT Command interface of the BulletPlusAC. The default port is TCP Port
23. A telnet session can be made to the unit using any Telnet application (Windows Telnet, Tera Term,
ProComm etc). Once communication is established, a login is required to continue.

Telnet in Windows 7/10

may not installed by
default, to use Telnet, first
go to “Add/Remove
Windows Features” on
your PC and add the
Telnet Client. Image 5-3: Establishing a Telnet Session

A session can be made to the WAN IP Address (if allowed in the firewall settings) for remote configuration,
or to the local RJ45 interface.

Once a session is established a login is required to continue. As seen in the Serial port setup, the default
login is admin, and the password is admin. Once verified, the AT Command Line Interface menu is shown
and AT Commands can now be issued. (Type “?” or Help to list the commands).

The factory default

network settings:

IP: 192.168.168.1
Subnet: 255.255.255.0
Gateway: 192.168.168.1

Image 5-4: Telnet AT Command Session

© Microhard 182
5.0 AT Command Line Interface

5.2 AT Command Syntax

The follow syntax is used when issuing AT Commands on the BulletPlusAC

- All commands start with the AT characters and end with the <Enter> key
- Microhard Specific Commands start with +M
- Help will list top level commands (ATL will list ALL available AT Commands)
- To query syntax of a command: AT+<command_name>=?
- Syntax for commands that are used only to query a setting:
AT<command_name>
- Syntax for commands that can be used to query and set values:
AT<command_name>=parameter1,parameter2,… (Sets Values)
AT<command_name>? (Queries the setting)

Query Syntax:
AT+MSMNAME=? <Enter>
+MSMNAME: Command Syntax: AT+MSMNAME=<Modem_Name>
Parameter:
<Modem_Name> : 1 - 64 characters. Must be alphanumeric or dots(.), or dashes(-)
or underscores(_)
OK

Setting a value:
AT+MSMNAME=BulletPlusAC <Enter>
OK

Query a setting:
AT+MSMNAME? <Enter>
Host name:BulletPlusAC
OK

A screen capture of the above commands entered into a unit is shown below:

Image 5-5: AT Command Syntax

Once AT commands are entered, they must be saved into the file system to enable the changes.
AT&W Saves changes.
ATO or ATA Exits the AT Command Line Interface, if used before AT&W,
changes are discarded.

© Microhard 183
5.0 AT Command Line Interface

5.3 Supported AT Commands

Basic AT Commands
AT Command Description Syntax Effect
AT AT echo OK AT <enter> Immediate

ATE0 Disable echo ATE0 <enter> Immediate

ATE1 Enabled local echo ATE1 <enter> Immediate

ATH Show a list of previously run commands ATH <enter> Immediate

ATL Show a list of all available AT Commands ATL <enter> Immediate

AT&R Read modem profile to editable profile. AT&R <enter> Immediate

(Reserved)

AT&V Read modem active profile AT&V <enter> Immediate

AT&W Enable configuration changes that have been AT&W <enter> Immediate
entered

ATA Quit. Exits AT command session and returns to ATA <enter> Immediate
login prompt

ATO Quit. Exits AT command session and returns to ATO <enter> Immediate
login prompt

Administrative AT Commands
AT Command Description Syntax Effect
AT+MANMSSRV Get/Set NMS Server AT+MANMSSRV[=<Server>,<Name>,<Password>,<Confirm Password>] AT&W
<Server>:
NMS Server/IP. 1 to 63 characters
<Name>:
Domain Name. 1 to 63 characters
<Password>:
Domain Password. 5 to 64 characters
<Confirm Password>:
Same as <Password>. 5 to 64 characters

AT+MAWSCLIENT Get/Set Web Service Client AT+MAWSCLIENT[=<Mode>[,<ServerType>,<Port>,<UserName>,<Password>,<Interval>]] AT&W

<Mode>:
0 - Disable
1 - Enable
<ServerType>:
0 - https
1 - http
<Port>:
1 to 65535. Default is 9998
<UserName>:
1 to 63 characters
<Password>:
5 to 64 characters
<Interval>:
In minute. 1 to 65535 minutes.

AT+MADISS Get/Set discovery service used by the modem AT+MADISS[=<Mode>[,<Port>]] AT&W

Mode:
0 - Disable
1 - Discoverable
Port:
1 to 65535. Default is 20097

AT+MASNMP Get/Set SNMP service AT+MASNMP[=<Mode>[,<ROCommunity>,<RWCommunity>,<Port>,<Version>[,<Location>, AT&W

<Contact>]]]
<Mode>:
0 - Disable
1 - Enable
<ROCommunity>: Read Only Community Name
1 to 32 characters
<RWCommunity>: Read Write Community Name
1 to 32 characters
<Port>: Listening Port
1 to 65535. Default is 161
<Version>: SNMP version
1 - Version 1
2 - Version 2
3 - Version 3 (Use AT+MASNMPV3 to set Authentication and Privacy parameters)
<Location>: System Location. 1 to 64 characters
<Contact>: System Contact. 1 to 64 characters

© Microhard 184
5.0 AT Command Line Interface

Administrative AT Commands (Continued)

AT Command Description Syntax Effect

AT+MASNMPV3 Get/Set SNMP Version 3 AT+MASNMPV3=<UserName>,<RWLimit>,<AuthLevel>[,<Auth>,<AuthPassword>[,<Privacy>, AT&W

<PrivacyPassword>]]
<UserName> : V3 User Name
1 to 32 characters
<RWLimit> : V3 User Read Write Limit
0 - Read Only
1 - Read Write
<AuthLevel> : V3 User Authentication Level
0 - NoAuthNoPriv
1 - AuthNoPriv
2 - AuthPriv
<Auth> : V3 Authentication Protocol
0 - MD5
1 - SHA
<AuthPassword> : V3 Authentication Password
5 to 64 characters
<Privacy> : V3 Privacy Protocol
0 - DES
1 - AES
<PrivacyPassword>: V3 Privacy Password
5 to 64 characters
Usage:
NoAuthNoPriv : AT+MASNMPV3=<UserName>,<RWLimit>,0
AuthNoPriv : AT+MASNMPV3=<UserName>,<RWLimit>,1,<Auth>,<AuthPassword>
AuthPriv : AT+MASNMPV3=<UserName>,<RWLimit>,2,<Auth>,<AuthPassword>,<Privacy>,
<PrivacyPassword>

AT+MASNMPTRAP Get/Set SNMP Trap AT+MASNMPTRAP[=<Mode>[,<Name>,<IP>[,<AuthFailureTraps>]] AT&W

<Mode>:
0 - Disable
1 - Enable
<Name>:
Trap Community Name. 1 to 32 characters
<IP>:
Trap Manage Host IP. Default 0.0.0.0 (Disable)
<AuthFailureTraps>:
0 - Disable
1 - Enable
Usage:
AT+MASNMPTRAP
AT+MASNMPTRAP=0
AT+MASNMPTRAP=1[,<Name>,<IP>[,<AuthFailureTraps>]]

Serial Console Port AT Commands

AT Command Description Syntax Effect

AT+MCCPS Get/Set Console port status AT+MCCPS=<Mode> AT&W

Parameters:
Mode:
0 - Console
1 - Data

AT+MCCBR Get/Set console port baud rate AT+MCCBR=<Baud Rate Type> AT&W
Parameters:
Baud Rate Type:
0 - 300
1 - 600
2 - 1200
3 - 2400
4 - 3600
5 - 4800
6 - 7200
7 - 9600
8 - 14400
9 - 19200
10 - 28800
11 - 38400
12 - 57600
13 - 115200
14 - 230400
15 - 460800
16 - 921600

AT+MCCDF Get/Set console port data format AT+MCCDF=<Data Format Type> AT&W
Parameters:
Data Format Option:
0 - 8N1
2 - 8E1
3 - 8O1

© Microhard 185
5.0 AT Command Line Interface

Serial Console Port AT Commands (Continued)

AT Command Description Syntax Effect

AT+MCCDM Get/Set console port data mode AT+MCCDM=<Data Mode Type> AT&W
Parameters:
Data Mode Option:
0 - Seamless
1 - Transparent

AT+MCCCT Get/Set console port character timeout AT+MCCCT=<timeout> AT&W

Parameters:
Timeout: 1 to 65535 in seconds

AT+MCCMPS Get/Set console port maximum packet size AT+MCCMPS=<size> AT&W

Parameters:
Maximum packet size: 1 to 2048

AT+MCCNCDI Get/Set console port no-connection data intake AT+MCCNCDI=<Mode> AT&W

Parameters:
Mode Option:
0 - Disable
1 - Enable

AT+MCCMTC Get/Set console port Modbus tcp configuration AT+MCCMTC=<Status> AT&W

Parameters:
Modbus Status:
0 - Disable
1 - Enable

AT+MCCIPM Get/Set console port IP protocol mode AT+MCCIPM=<IP Protocol Config> AT&W
Parameters:
IP Protocol Config:
0 - TCP Client
1 - TCP Server
2 - TCP Client/Server
3 - UDP Point to Point
4 - UDP Point to Multipoint(P)
5 - UDP Point to Multipoint(MP)
7 - SMTP Client
8 - PPP
11- GPS Transparent Mode

AT+MCCTC Get/Set console port tcp client configuration when AT+MCCTC=<Remote Server IP>,<Remote Server Port>,<Outgoing timeout> AT&W
IP protocol mode is TCP Client Parameters:
Remote Server IP : valid IP address
Remote Server Port : 1 to 65535
Outgoing timeout : 1 to 65535 in seconds

AT+MCCTS Get/Set console port tcp server configuration AT+MCCTS=<Server Mode>,<Polling Timeout>,<Local Listening Port>,<Connection timeout> AT&W
when IP protocol mode is TCP Server Parameters:
Server Mode : 0 - Monitor; 1 - Polling
Polling timeout : 1 to 65535 in seconds
Local Listening Port : 1 to 65535
Connection timeout : 1 to 65535 in seconds

AT+MCCTCS Get/Set Serial console port tcp client/server AT+MCCTCS[=<Remote Server IP>,<Remote Server Port>,<Outgoing timeout>,<Server AT&W
configuration when IP protocol mode is TCP Mode>,<Polling Timeout>,<Local Listener Port>,<Incoming timeout>]
Client/Server Parameters:
Remote Server IP : valid IP address
Remote Server Port : 1 to 65535
Outgoing timeout : 1 to 65535 in seconds
Server Mode : 0 - Monitor; 1 - Polling
Polling timeout : 1 to 65535 in seconds
Local Listening Port : 1 to 65535
Incoming timeout : 1 to 65535 in seconds

AT+MCCUPP Get/Set Serial console port UDP point to point AT+MCCUPP[=<Remote IP>,<Remote Port>,<Listening Port>,<UDP Timeout>] AT&W
configuration when IP protocol mode is UDP point Parameters:
to point Remote IP : valid IP address
Remote Port : 1 to 65535
Listening Port : 1 to 65535
UDP Timeout : 1 to 65535 in seconds

© Microhard 186
5.0 AT Command Line Interface

Serial Console Port AT Commands (Continued)

AT Command Description Syntax Effect
AT+MCCPPP Get/Set Serial console port PPP configuration AT+MCCPPP[=<Mode>,<CCP negotiation>,<LCP Echo Failure Number>,<LCP Echo Interv AT&W
when IP protocol mode is PPP al>,<Local IP>,<Host IP>, <Idle Timeout>[,<Expected String>,<Response String>]]
Parameters:
Mode : 0 - Active; 1 - Passive
CCP negotiation : 0 - Disable; 1 - Enable
LCP Echo Failure Number : [0 .. 65535]
LCP Echo Interval : [0 .. 65535]
Local IP : Valid IP address
Host IP : Valid IP address
Idle Timeout : 1 to 65535 in seconds
Expected String : (Optional) 0 - 63 characters
Response String : (Optional) 0 - 63 characters

AT+MCCUPMP Get/Set Serial console port UDP point to mul- AT+MCCUPMP[=<Multicast IP>,<Multicast Port>,<Listening Port>,<Time To Live>,<Multicast AT&W
tipoint as point configuration when IP protocol Interface>
mode is set to UDP point to multipoint (P) Parameters:
Multicast IP : valid IP address
Multicast Port : 1 to 65535
Listening Port : 1 to 65535
Time To Live : 1 to 255 in seconds
Multicast Interface : 0 - default
1 - LAN
2 - WWAN

AT+MCCUPMM Get/Set Serial console port UDP point to mul- AT+MCCUPMM[=<Remote IP>,<Remote Port>,<Multicast IP>,<Multicast Port>,<Multicast Inter- AT&W
tipoint as MP configuration when IP protocol face>]
mode be set to UDP point to multipoint (MP) Parameters:
Remote IP : valid IP address
Remote Port : 1 to 65535
Multicast IP : valid IP address
Multicast Port : 1 to 65535
Multicast Interface : 0 - default
1 - LAN
2 - WWAN

AT+MCCSMTP Get/Set Serial console port SMTP client configu- AT+MCCSMTP=<Mail Subject>,<Mail Server:Port>,<Username>,<Password>, <Mail Recipi- AT&W
ration when IP Protocol mode is set to SMTP ent>,<Message Max Size>,<TimeOut>, <Transfer Mode>,<Connection Security>
client Parameters:
Mail Subject : 1 to 255 bytes
Mail Server : Valid Mail Server (IP/Name)[:port], 1 to 255 bytes
Username : 1 to 255 bytes
Password : 5 to 64 bytes
Mail Recipient : 1 to 255 bytes
Message Max Size : [1 .. 65535]
TimeOut : 1 to 65535 in seconds
Transfer Mode : 0 - Text
1 - Attached File
2 - Hex Code
Connection Security : 0 - SSL/TLS
1 - STARTTLS

AT+MCDPS Get/Set Data port status AT+MCDPS=<Mode> AT&W

Parameters:
Mode:
0 - Console
1 - Data

AT+MCDPM Get/Set Serial Data port mode. AT+MCDPM=<Mode> AT&W

Parameters:
Mode:
0 - RS232
1 - RS485 Full Duplex
2 - RS485 Half Duplex

AT+MCDBR Get/Set Data port baud rate AT+MCDBR=<Baud Rate Type> AT&W
Parameters:
Baud Rate Type:
0 - 300
1 - 600
2 - 1200
3 - 2400
4 - 3600
5 - 4800
6 - 7200
7 - 9600
8 - 14400
9 - 19200
10 - 28800
11 - 38400
12 - 57600
13 - 115200
14 - 230400
15 - 460800
16 - 921600

© Microhard 187
5.0 AT Command Line Interface

Serial DATA Port AT Commands

AT Command Description Syntax Effect
AT+MCDDF Get/Set Data port data format AT+MCDDF=<Data Format Type> AT&W
Parameters:
Data Format Option:
0 - 8N1
2 - 8E1
3 - 8O1

AT+MCDDM Get/Set Data port data mode AT+MCDDM=<Data Mode Type> AT&W
Parameters:
Data Mode Option:
0 - Seamless
1 - Transparent

AT+MCDFC Get/Set Serial Data Port flow control AT+MCDFC[=<Flow Control>] AT&W
Parameters:
Flow Control : 0 - none
1 - RTS/CTS

AT+MCDCT Get/Set Data port character timeout AT+MCDCT=<timeout> AT&W

Parameters:
Timeout: 1 to 65535 in seconds

AT+MCDMPS Get/Set Data port maximum packet size AT+MCDMPS=<size> AT&W

Parameters:
Maximum packet size: 1 to 2048

AT+MCDNCDI Get/Set Data port no-connection data intake AT+MCDNCDI=<Mode> AT&W

Parameters:
Mode Option:
0 - Disable
1 - Enable

AT+MCDMTC Get/Set Data port Modbus tcp configuration AT+MCDMTC=<Status> AT&W

Parameters:
Modbus Status:
0 - Disable
1 - Enable

AT+MCDIPM Get/Set Data port IP protocol mode AT+MCDIPM=<IP Protocol Config> AT&W
Parameters:
IP Protocol Config:
0 - TCP Client
1 - TCP Server
2 - TCP Client/Server
3 - UDP Point to Point
4 - UDP Point to Multipoint(P)
5 - UDP Point to Multipoint(MP)
7 - SMTP Client
8 - PPP
11- GPS Transparent Mode

AT+MCDTC Get/Set Data port tcp client configuration when IP AT+MCDTC=<Remote Server IP>,<Remote Server Port>,<Outgoing timeout> AT&W
protocol mode is TCP Client Parameters:
Remote Server IP : valid IP address
Remote Server Port : 1 to 65535
Outgoing timeout : 1 to 65535 in seconds

AT+MCDTS Get/Set Data port tcp server configuration when AT+MCDTS=<Server Mode>,<Polling Timeout>,<Local Listening Port>,<Connection timeout> AT&W
IP protocol mode is TCP Server Parameters:
Server Mode : 0 - Monitor; 1 - Polling
Polling timeout : 1 to 65535 in seconds
Local Listening Port : 1 to 65535
Connection timeout : 1 to 65535 in seconds

AT+MCDTCS Get/Set Serial Data port tcp client/server configu- AT+MCDTCS[=<Remote Server IP>,<Remote Server Port>,<Outgoing timeout>,<Server AT&W
ration when IP protocol mode is TCP Client/ Mode>,<Polling Timeout>,<Local Listener Port>,<Incoming timeout>]
Server Parameters:
Remote Server IP : valid IP address
Remote Server Port : 1 to 65535
Outgoing timeout : 1 to 65535 in seconds
Server Mode : 0 - Monitor; 1 - Polling
Polling timeout : 1 to 65535 in seconds
Local Listening Port : 1 to 65535
Incoming timeout : 1 to 65535 in seconds

© Microhard 188
5.0 AT Command Line Interface

Serial Data Port AT Commands (Continued)

AT Command Description Syntax Effect
AT+MCDUPP Get/Set Serial Data port UDP point to point AT+MCDUPP[=<Remote IP>,<Remote Port>,<Listening Port>,<UDP Timeout>] AT&W
configuration when IP protocol mode is UDP point Parameters:
to point Remote IP : valid IP address
Remote Port : 1 to 65535
Listening Port : 1 to 65535
UDP Timeout : 1 to 65535 in seconds

AT+MCDPPP Get/Set Serial Data port PPP configuration when AT+MCDPPP[=<Mode>,<CCP negotiation>,<LCP Echo Failure Number>,<LCP Echo Interv AT&W
IP protocol mode is PPP al>,<Local IP>,<Host IP>, <Idle Timeout>[,<Expected String>,<Response String>]]
Parameters:
Mode : 0 - Active; 1 - Passive
CCP negotiation : 0 - Disable; 1 - Enable
LCP Echo Failure Number : [0 .. 65535]
LCP Echo Interval : [0 .. 65535]
Local IP : Valid IP address
Host IP : Valid IP address
Idle Timeout : 1 to 65535 in seconds
Expected String : (Optional) 0 - 63 characters
Response String : (Optional) 0 - 63 characters

AT+MCDUPMP Get/Set Serial Data port UDP point to multipoint AT+MCDUPMP[=<Multicast IP>,<Multicast Port>,<Listening Port>,<Time To Live>,<Multicast AT&W
as point configuration when IP protocol mode is Interface>
set to UDP point to multipoint (P) Parameters:
Multicast IP : valid IP address
Multicast Port : 1 to 65535
Listening Port : 1 to 65535
Time To Live : 1 to 255 in seconds
Multicast Interface : 0 - default
1 - LAN
2 - WWAN

AT+MCDUPMM Get/Set Serial Data port UDP point to multipoint AT+MCDUPMM[=<Remote IP>,<Remote Port>,<Multicast IP>,<Multicast Port>,<Multicast Inter- AT&W
as MP configuration when IP protocol mode be face>]
set to UDP point to multipoint (MP) Parameters:
Remote IP : valid IP address
Remote Port : 1 to 65535
Multicast IP : valid IP address
Multicast Port : 1 to 65535
Multicast Interface : 0 - default
1 - LAN
2 - WWAN

AT+MCDSMTP Get/Set Serial Data port SMTP client configura- AT+MCDSMTP=<Mail Subject>,<Mail Server:Port>,<Username>,<Password>, <Mail Recipi- AT&W
tion when IP Protocol mode is set to SMTP client ent>,<Message Max Size>,<TimeOut>, <Transfer Mode>,<Connection Security>
Parameters:
Mail Subject : 1 to 255 bytes
Mail Server : Valid Mail Server (IP/Name)[:port], 1 to 255 bytes
Username : 1 to 255 bytes
Password : 5 to 64 bytes
Mail Recipient : 1 to 255 bytes
Message Max Size : [1 .. 65535]
TimeOut : 1 to 65535 in seconds
Transfer Mode : 0 - Text
1 - Attached File
2 - Hex Code
Connection Security : 0 - SSL/TLS
1 - STARTTLS

© Microhard 189
5.0 AT Command Line Interface

Firewall AT Commands
AT Command Description Syntax Effect
AT+MFGEN1 Get/Set firewall general configuration AT+MFGEN1[=<WAN>[,<Remote Management>,<Remote Access>,<LAN Outgoing>]] AT&W
Firewall General Configuration:
Parameters
WAN Connection: 0 - WWAN
1 - WAN1
2 - WAN2
3 - WIFI
Remote Management : 0 - Block
1 - Allow
Remote Access: 0 - Block
1 - Allow
LAN Outgoing: 0 - Block
1 - Allow

AT+MFGEN2 Get/Set firewall other general configuration AT+MFGEN2[=<Config>[,<Mode>]] AT&W

Firewall General Configuration:
Parameters
Config: 0 - Anti-Spoof
1 - Packet Normalization
Mode: 0 - Disable
1 - Enable
Mode: 0 - Disable (Block) 1 - Enable (Allow)

AT+MFDMZ Get/Set firewall DMZ configuration AT+MFDMZ[=<WAN>[,<DMZ Mode>[,<DMZ Server IP>,<Exception Port>,<SNAT>]]] AT&W
Parameters:
WAN : 0 - WWAN
1 - WAN1
2 - WAN2
3 - WIFI
DMZ Mode: 0 - Disable
1 - Enable
DMZ Server IP: Valid IP address
Exception Port: 0 - 65535
Source NAT: 0 - No; 1 - Yes

AT+MFPORTFWD Get/Set firewall Port Forwarding rule AT+MFPORTFWD[=<Name>[,<Operation>[,<Source>,<Internal IP>,<Internal Port>,<Protocol>, AT&W
<External Port>,<SNAT>]]]
Parameters:
Name : Name of Port Forwarding rule, 1 - 64 characters
Operation : ADD - Add a rule
EDIT - Edit a rule
DEL - Delete a rule
Source : 0 - WAN1
1 - WAN2
2 - WIFI
3 - WWAN
Internal IP : Valid IP address
Internal Port : Valid port number, 0 - 65535. 0 - Reset
Protocol : 0 - TCP
1 - UDP
2 - TCPUDP
External Port : Valid port number, 1 - 65535
Source NAT : 0 - No; 1 - Yes
Usage:
AT+MFPORTFWD
AT+MFPORTFWD=<Name>
AT+MFPORTFWD=<Name>,DEL
AT+MFPORTFWD=<Name>,ADD,<Source>,<Internal IP>,<Internal Port>,<Protocol>,<Exte
rnal Port>,<SNAT>
AT+MFPORTFWD=<Name>,EDIT,<Source>,<Internal IP>,<Internal Port>,<Protocol>,<Ext
ernal Port>,<SNAT>

AT+MFMAC Get/Set firewall MAC list AT+MFMAC[=<Name>[,<Operation>[,<Action>,<Mac Address>]]] AT&W

Parameters:
Name : Name of firewall MAC list name, 1 - 64 characters
Operation : ADD - Add a firewall MAC list
EDIT - Edit a firewall MAC list
DEL - Delete a firewall MAC list
Action : 0 - Accept
1 - Drop
2 - Reject
MAC Address : Valid MAC address
Usage:
AT+MFMAC
AT+MFMAC=<Name>
AT+MFMAC=<Name>,DEL
AT+MFMAC=<Name>,ADD,<Action>,<Mac Address>
AT+MFMAC=<Name>,EDIT,<Action>,<Mac Address>

© Microhard 190
5.0 AT Command Line Interface

Firewall AT Commands (Continued)

AT Command Description Syntax Effect
AT+MFIP Get/SET firewall IP list AT+MFIP[=<Name>[,<Operation>[,<Action>,<Source>,<IP Address>[,<Prefix>]]]] AT&W
Parameters:
Name : Name of firewall IP list name, 1 - 64 characters
Operation : ADD - Add a firewall IP list
EDIT - Edit a firewall IP list
DEL - Delete a firewall IP list
Action : 0 - Accept
1 - Drop
2 - Reject
Source : 0 - LAN
1 - WAN1
2 - WAN2
3 - WIFI
4 - WWAN
Source IP : Valid IP address
Prefix : 0 ~ 32. 32 (default) - single IP address
Usage:
AT+MFIP
AT+MFIP=<Name>
AT+MFIP=<Name>,DEL
AT+MFIP=<Name>,ADD,<Action>,<Source>,<IP Address>[,<Prefix>]
AT+MFIP=<Name>,EDIT,<Action>,<Source>,<IP Address>[,<Prefix>]

AT+MFRULE Get/Set firewall rule AT+MFRULE[=<Name>[,<Operation>[,<Type>,<Action>,<Source>,<Src IP Format>,<Src IP From/ AT&W

Subnet>, <Src IP To/Prefix>,<Destination>,<Dest IP Format>,<Dest IP From/Subnet>,<Dest IP To/
Pre
fix>, <Dest Port>,<Protocol>]]]
Parameters:
Name : Name of firewall rule name, 1 - 64 characters
Operation : ADD - Add a firewall rule
EDIT - Edit a firewall rule
DEL - Delete a firewall rule
Type : 0 - Input
1 - Output
2 - Forward
Action : 0 - Accept
1 - Drop
2 - Reject
Source : (Must be "Any", if Type is Output)
0 - LAN
1 - WAN1
2 - WAN2
3 - WIFI
4 - WWAN
5 - Any
IP Format : 0 - IP Range
1 - Subnet / Prefix
IP From/Subnet: Valid IP address
IP To/Prefix : Valid IP address or 0 ~ 32 for Prefix
Destination : (Must be "Any", if Type is Input)
0 - LAN
1 - WAN1
2 - WAN2
3 - WIFI
4 - WWAN
5 - Any
IP Format : 0 - IP Range
1 - Subnet / Prefix
IP From/Subnet: Valid IP address
IP To/Prefix : Valid IP address or 0 ~ 32 for Prefix
Port/Range : Port 0 ~ 65535 or Port range specified as 100:200 format
Protocol : 0 - TCP
1 - UDP
2 - TCPUDP
3 - ICMP
4 - Protocol 41
5 - GRE
6 - ALL

AT+MFRST Reset to default firewall AT+MFRST <enter> Immediate

© Microhard 191
5.0 AT Command Line Interface

I/O AT Commands
AT Command Description Syntax Effect
AT+MIOMODE Get/Set IO input or output mode AT+MIOMODE=<Index>,<Mode> AT&W
Index:
The index of IO port, 1 to 2
Mode:
0 Input
1 Output

AT+MIOOC Get/Set output control AT+MIOOC=<Index>,<Output Control> AT&W

Index:
The index of IO port, 1 to 2
Output Control:
0 Open
1 Close

AT+MIOSTATUS Get IO Status AT+MIOSTATUS <enter> Immediate

Sample Output:
+MIOSTATUS: IO status
iodigiinval1=High
iodigiinval2=High

AT+MIOMETER Get IO Meter (V) AT+MIOMETER <enter> Immediate

+MIOMETER: IO meter(V)
iovolts1=12.22
iovolts2=2.81

© Microhard 192
5.0 AT Command Line Interface

Carrier/Modem AT Commands

AT Command Description Syntax Effect

AT+MMIMEI Get Modem’s IMEI AT+MMIMEI <enter> Immediate

357188080005558
OK

AT+MMIMSI Get Modem’s IMSI AT+MMIMSI <enter> Immediate

302610020063458
OK

AT+MMNETRSSI Get Modem’s RSSI AT+MMNETRSSI <enter> Immediate

-63
OK

AT+MMBOARDTEMP Get Modem’s Temperature AT+MMBOARDTEMP <enter> Immediate

47.99
OK

AT+MMWANIP Get Modem’s WAN IP AT+MMWANIP <enter> Immediate

10.94.114.117
OK

AT+MMNUM Get modem’s phone number AT+MMNUM <enter> Immediate

14034639685
OK

AT+MMIMI Get modem’s IMEI and IMSI AT+MMIMI <enter> Immediate

MMIMEI:357188080005558
MMIMSI:302610020063458
OK

AT+MMCID Get modem’s SIM Card number AT+MMCID <enter> Immediate

89302610102038338489
OK

AT+MMAPN Get/Set APN AT+MMAPN[=<Index>[,<APN>]] AT&W

<Index> : SIM Card No.
1 - SIM Card 1
2 - SIM Card 2
<APN> : Max 255 characters
OK

AT+MMPOWERIN Get Modem’s Voltage AT+MMPOWERIN <enter> Immediate

12.14
OK

AT+MMMGS Send SMS AT+MMMGS=<Phone Number><CR> Immediate

<Phone Number>: Valid phone number
Text is entered and ended by <ctrl-Z/ESC>

AT+MMMGR Read SMS AT+MMMGR=<index> Immediate

<Index> : the index of the message

AT+MMMGL List SMSs AT+MMMGL <enter> Immediate

AT+MMMGD Delete SMSs AT+MMMGD=<index> Immediate

<Index> : the index of the message to be deleted

AT+MMSCMD Get/Set system sms command service AT+MMSCMD=<Mode>[,<Filter Mode>[,<No.1>[,<No.2>[,<No.3>[,<No.4>[,<No.5>[<No.6>]]]]]]] AT&W

Mode : 0 - Disable
1 - Enable SMS Command
Filter Mode : 0 - Disable
1 - Enable Phone Filter
No.X : Phone Number, where X = [1, 6]

© Microhard 193
5.0 AT Command Line Interface

Network AT Commands
AT Command Description Syntax Effect
AT+MNLAN Show/Add/Edit/Delete the network LAN interface AT+MNLAN AT&W
AT+MNLAN=<LAN Name>
AT+MNLAN=<LAN Name>,DEL
AT+MNLAN=<LAN Name>,ADD/EDIT,<Protocol>[,<IP>,<Netmask>] Where <Protocol>=0
AT+MNLAN=<LAN Name>,ADD/EDIT,<Protocol> Where <Protocol>=1 or 3
AT+MNLAN=<LAN Name>,EDIT,<Protocol>[,<IP>,<Netmask>] Where <Protocol>=2 and
<LAN Name>="lan"
Parameters:
LAN Name : Name of Network LAN interface. System built-in one is "lan"
Operation : ADD - Add a new LAN interface
EDIT - Edit an exsiting LAN interface
DEL - Delete an existing LAN interface
Protocol : 0 - Static IP
1 - DHCP with LAN alias disabled
2 - DHCP with LAN alias enabled, only for "lan"
IP Address : Valid IP address
Netmask : Valid netmask

AT+MNLANDHCP Get/Set LAN DHCP server on LAN interface AT+MNLANDHCP=<LAN Name>[,<Mode>[,<Start IP>,<Limit>,<Lease Time>[,<Alt. Gateway>, AT&W
<Pre. DNS>,<Alt. DNS>,<WINS/NBNS Servers>,<WINS/NBT Node>]]]
Parameters:
LAN Name : Name of Network LAN interface
Mode : 0 - Disable DHCP Server
1 - Enable DHCP Server
Start IP : The starting address DHCP assignable IP Addresses
Limit : The maximum number of IP addresses. min=1 max=16777214
Lease Time : The DHCP lease time in minutes. 2~2147483647 minutes. 0 means'infinity'
Alt. Gateway : Alternate Gateway for DHCP assigned devices if the default gateway is not to be used
Pre. DNS : Preferred DNS server address to be assigned to DHCP devices
Alt. DNS : Alternate DNS server address to be assigned to DHCP devices
WINS/NBNS Server : WINS/NBNS Servers
WINS/NBT Node : WINS/NBT Node Type
0 - none
1 - b-node
2 - p-node
3 - m-node
4 - h-node

AT+MNLANSTP Get/Set the network LAN inetrafce: Spanning AT+MNLANSTP=<LAN Name>[,<STP>] AT&W
Tree (STP) Parameters:
LAN Name : Name of Network LAN interface
Spanning Tree : 0 - Off
1 - On

AT+MNLANIGMP Get/Set the network LAN interface: IGMP Snoop- AT+MNLANIGMP=<LAN Name>[,<IGMP Snooping>] AT&W
ing Parameters:
LAN Name : Name of Network LAN interface
IGMP Snooping : 0 - Off
1 - On

AT+MNLANDNS Get/Set the network LAN interface: DNS AT+MNLANDNS=<LAN Name>[,<Mode>[,<Primary DNS>,<Secondary DNS>]] AT&W
Usage:
AT+MNLANDNS=<LAN Name>
AT+MNLANDNS=<LAN Name>,<Mode> Where <Mode>=0
AT+MNLANDNS=<LAN Name>,<Mode>[,<Primary DNS>,<Secondary DNS>] Where <Mode>=1
Parameters:
LAN Name : Name of Network LAN interface
Mode : 0 - Auto
1 - Manual
Primary DNS : Valid IP Address or 0 (Reset)
Secondary DNS : Valid IP address or 0 (Reset)

AT+MNWAN Get/Set the network WAN1 interface AT+MNWAN[=<Mode>[,<Protocol>[,<IP>,<Netmask>[,<Gateway>]]]] AT&W

Usage:
AT+MNWAN
AT+MNWAN=<Mode>,<Protocol>,<IP>,<Netmask>[,<Gateway>] Where <Mode>=0 and <Protocol>=0
AT+MNWAN=<Mode>,<Protocol>,<IP>,<Netmask> Where <Mode>=2 and <Protocol>=0
AT+MNWAN=<Mode>,<Protocol> Where <Mode>=0/2 and <Protocol>=1
AT+MNWAN=<Mode>,<Protocol> Where <Mode>=2 and <Protocol>=2
AT+MNWAN=<Mode> Where <Mode>=1
Parameters:
Mode : 0 - Independent WAN
1 - Bridge with LAN Port
2 - Independent LAN
Protocol: 0 - Static IP
1 - DHCP
2 - None
IP : Valid IP address
Netmask : Valid netmask
Gateway : Valid IP address. 0 - Reset

© Microhard 194
5.0 AT Command Line Interface

Network AT Commands (Continued)

AT Command Description Syntax Effect

AT+MNWANDR Get/Set the network WAN1 interface: Default AT+MNWANDR[=<Default Route>] AT&W
Route Parameters:
Default Route : 0 - No
1 - Yes

AT+MNWANDNS Get/Set DNS Server when WAN1 port works as AT+MNWANDNS[=<Mode>[,<Primary DNS>,<Secondary DNS>]] AT&W
Independent WAN Parameters:
Mode : 0 - Auto
1 - Manual
Primary DNS : Valid IP Address or 0 (Reset)
Secondary DNS : Valid IP address or 0 (Reset)

AT+MNWAN2 Get/Set the network WAN2 interface AT+MNWAN2[=<Mode>[,<Protocol>[,<IP>,<Netmask>[,<Gateway>]]]] AT&W

Usage:
AT+MNWAN
AT+MNWAN=<Mode>,<Protocol>,<IP>,<Netmask>[,<Gateway>] Where <Mode>=0 and <Protocol>=0
AT+MNWAN=<Mode>,<Protocol>,<IP>,<Netmask> Where <Mode>=2 and <Protocol>=0
AT+MNWAN=<Mode>,<Protocol> Where <Mode>=0/2 and <Protocol>=1
AT+MNWAN=<Mode>,<Protocol> Where <Mode>=2 and <Protocol>=2
AT+MNWAN=<Mode> Where <Mode>=1
Parameters:
Mode : 0 - Independent WAN
1 - Bridge with LAN Port
2 - Independent LAN
Protocol: 0 - Static IP
1 - DHCP
2 - None
IP : Valid IP address
Netmask : Valid netmask
Gateway : Valid IP address. 0 - Reset

AT+MNWAN2DR Get/Set the network WAN2 interface: Default AT+MNWAN2DR[=<Default Route>] AT&W
Route Parameters:
Default Route : 0 - No
1 - Yes

AT+MNWAN2DNS Get/Set DNS Server when WAN2 port works as AT+MNWAN2DNS[=<Mode>[,<Primary DNS>,<Secondary DNS>]] AT&W
Independent WAN Parameters:
Mode : 0 - Auto
1 - Manual
Primary DNS : Valid IP Address or 0 (Reset)
Secondary DNS : Valid IP address or 0 (Reset)

AT+MNIPMAC Show/Add/Delete/Release/ReleaseAll the MAC-IP AT+MNIPMAC[=<Operation>[,<Name>[,<IP Address>,<MAC Address>]]] AT&W

address binding Usage:
AT+MNIPMAC
AT+MNIPMAC=SHOW,<Name>
AT+MNIPMAC=ADD,<Name>,<IP Address>,<MAC Address>
AT+MNIPMAC=DEL,<NAME>
AT+MNIPMAC=RELEASE,<NAME>
AT+MNIPMAC=RELEASEALL
Parameters:
Operation : SHOW - Show the details of the MAC-IP address binding
ADD - Add a new MAC-IP address binding
DEL - Delete an existing MAC-IP address binding
RELEASE - Release the active DHCP lease
RELEASEALL - Release all active DHCP leases
Name : Name of the MAC-IP binding, 1-64 characters
IP Address : Valid IP address
MAC Address: The physical MAC address of the device or interface

AT+MNEMAC Get the MAC address of the local Ethernet inter- AT+MNEMAC <enter> Immediate
face Sample Output:
+MNEMAC: "00:0F:92:02:F9:0F"
OK

AT+MNPORT Get/Set the Ethernet port configuration AT+MNPORT[=<Ethernet Port>[,<Mode>[,<Auto Negotiation>,<Speed>,<Duplex>]]] AT&W
Parameters:
Ethernet Port : 0 - Port 1
1 - Port 2
2 - Port 3
3 - Port 4
4 - WAN 1
5 - WAN 2
Mode : 0 - Auto
1 - Manual
Auto-Negotiation : 0 - Off
: 1 - On
Speed : 0 - 10 Mbit/s
1 - 100 Mbit/s
2 - 1000 Mbit/s
Duplex : 0 - Full
1 - Half

© Microhard 195
5.0 AT Command Line Interface

Network AT Commands (Continued)

AT Command Description Syntax Effect

AT+MNSTATUS Get the network status AT+MNSTATUS <enter> Immediate

Receive bytes : 569.207KB
Receive packets : 6760
Transmit bytes : 583.585KB
Transmit packets : 4715
WAN1:
MAC Address : 00:0F:92:04:B3:26
IP Address : N/A (dhcp)
Subnet Mask : N/A (dhcp)
Receive bytes : 0B
Receive packets : 0
Transmit bytes : 1.179MB
Transmit packets : 3811
WAN2:
MAC Address : 00:0F:92:05:B3:26
IP Address : N/A (dhcp)
Subnet Mask : N/A (dhcp)
Receive bytes : 0B
Receive packets : 0
Transmit bytes : 1.180MB
Transmit packets : 3817
WWAN:
MAC Address : 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
IP Address : 10.94.114.117 (dhcp)
Subnet Mask : 255.255.255.252 (dhcp)
Receive bytes : 310.773KB
Receive packets : 2112
Transmit bytes : 203.646KB
Transmit packets : 2681
Default Gateway : 10.94.114.118
DNS Server(s) : 70.28.245.227 184.151.118.254

IPv4 Routing Table

Destination Gateway Subnet Mask Flags Metric Ref Use Iface
0.0.0.0 10.94.114.118 0.0.0.0 UG 0 0 0 br-wwan
10.94.114.116 0.0.0.0 255.255.255.252 U 25 0 0 br-wwan
10.94.114.118 0.0.0.0 255.255.255.255 UH 25 0 0 br-wwan
192.168.168.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan

AT+MNDDNSE Get/Set DDNS Mode AT+MNDDNSE=<Mode> AT&W

Parameter:
Mode: 0 - Disable
1 - Enable

AT+MNDDNS Get/Set DDNS Settings AT+MNDDNS=<Network>,<Periodic Update>,<Service>,<User Name>,<Password>,<Host> AT&W

or <Record Number>[,<Url>]
Parameters:
Network: 0 - Auto
1 - WWAN
2 - WAN1
3 - WAN2
Periodic Update : 0 - Disable
1 - 5 minutes
2 - 15 minutes
3 - 60 minutes
4 - 4 hours
5 - 8 hours
6 - 24 hours
Service Type : 0 - changeip
1 - dyndns
2 - eurodyndns
3 - hn
4 - noip
5 - ods
6 - ovh
7 - regfish
8 - tzo
9 - zoneedit
10 - customized_ddns
11 - DNSmadeEasy
User Name : 1 - 64 characters
Password : 1 - 64 characters
Host : 1 - 200 characters, for any services except DNSmadeEasy
Record Number : 1 - 200 characters, for DNSmadeEasy only
Url : 1 - 200 characters, for customized_ddns

© Microhard 196
5.0 AT Command Line Interface

System AT Commands

AT Command Description Syntax Effect

AT+MSCNTO Get/Set the console timeout AT+MSCNTO=<Timeout_s> AT&W

Parameter:
<Timeout_s> : 30 to 65535 in seconds, 0-Disable

AT+MSPWD Set password AT+MSPWD=<New Password>,<Confirm Password> AT&W

Parameters:
<New Password> : 5-64 characters except space
<Confirm Password> : Same as <New Password>

AT+MSGMI Get manufacturers identification AT+MSGMI <enter> Immediate

Sample Output:
+MSGMI: 2017- Microhard Systems Inc.
OK

AT+MSSYSI Get system summary information AT+MSSYSI <enter> Immediate

Sample Output:
System:
Host Name : BulletPlusAC
Product : BulletPlusAC
Hardware : Rev A
Software : v1.5.0 build 1005-40
Copyright : 2017- Microhard Systems Inc.
System Time : Wed Jan 24 21:50:42 2018
Temperature : 43.78 C
Voltage : 12.18 V
WWAN:
Module : Enabled
IMEI : 357188080005558
SIMID : 89302610102038338489
Status : Connected
Network : Bell
IP : 10.94.114.117 (dhcp)
RSSI : -71
LAN:
MAC : 00:0F:92:04:B3:26
IP : 192.168.168.1 (static)
MASK : 255.255.255.0 (static)
WAN1:
MAC : 00:0F:92:04:B3:26
IP : N/A (dhcp)
MASK : N/A (dhcp)
WAN2:
MAC : 00:0F:92:05:B3:26
IP : N/A (dhcp)
MASK : N/A (dhcp)
Radio 1 Interface 1
MAC Address : 04:F0:21:25:1D:CD
Mode : Access Point
SSID : BulletPlusAC-MKT
Frequency Band : 5G Mode
Radio Frequency : 5.200 GHz
Connection Info : Not connected
OK

AT+MSGMR Get modem Record Information AT+MSGMR <enter> Immediate

Same Output:
+MSGMR:
Hardware Version : Rev A
Software Version : v1.5.0 build 1007-35
Copyright : 2017- Microhard Systems Inc.
System Time : Thu Jan 25 13:23:47 2018
OK

AT+MSIMG Get the image status for both active and inactive AT+MSGMR <enter> Immediate
images. Sample Output:
Active Version : v1.5.0-r1005-40
Active Build Time : 2018-01-22 15:01:42
Inactive Version : v1.5.0-r1005-39
Inactive Build Time : 2018-01-22 14:57:06
OK

AT+MSMNAME Get/Set modem Name setting AT+MSMNAME=<Modem_Name> AT&W

Parameter:
<Modem_Name> : 1 - 64 characters. Must be alphanumeric or dots(.), or dashes(-) or underscores(_)

AT+MSRTF Reset the modem to the factory default settings AT+MSRTF=<Action> AT&W
from non-volatile (NV) memory Parameter:
<Action>: 0 - Pre-set action
1 - Confirm action

AT+MSREB Reboot the modem AT+MSREB <enter> Immediate

Sample Output:
Rebooting...
OK

© Microhard 197
5.0 AT Command Line Interface

System AT Commands (Continued)

AT Command Description Syntax Effect

AT+MSNTP Get/Set NTP server AT+MSNTP[=<Mode>[,<Server>,<Port>,<Client Interval>]] AT&W

Parameters:
<Mode> : 0 - Local Time; 1 - NTP
<Server> : Valid IP Address or Name
<Port> : 1 to 65535. Default is 123
<Client Interval> : 15 to 65535 in seconds, 0-Disable

AT+MSSYSLOG Get/Set Syslog server settings AT+MSSYSLOG[=<Server>[,<Port>]] AT&W

Parameters:
<Server> : Valid IP Address or Name. 0.0.0.0 - Disable. 1 to 256 characters
<Port> : 1 to 65535. Default is 514

AT+MSSERVICE Get/Set service status and port AT+MSSERVICE[=<Service>[,<Mode>[,<Port>]]] AT&W

Parameters:
<Service> : 0 - FTP
1 - Telnet
2 - SSH
<Mode> : 0 - Disable
1 - Enable
<Port> : 0 to 65535. For Telnet (23 by default) and SSH (22 by default) only

AT+MSWEBUI Get/Set Web UI protocol and port AT+MSWEBUI[=<Mode>[,<HTTP Port>][,<HTTPS Port>]]] AT&W
Parameters:
<Mode> : 0 - HTTP/HTTPS
1 - HTTP
2 - HTTPS
3 - Disable
<HTTP Port> : 2 to 65534. 80 by default
<HTTPS Port> : 2 to 65534. 443 by default

AT+MSKA Get/Set keep-alive mode AT+MSKA[=<Mode>[,<Traffic Check>,<CLI Activity>,<Web UI Activity>]] AT&W

Parameters:
Mode : 0 - Disable
1 - Enable
Traffic Check : 0 - Disable
1 - Enable
CLI Activity : 0 - Disable
1 - Enable
Web UI Activity: 0 - Disable
1 - Enable

AT+MSKAS Get/Set keep-alive settings AT+MSKAS[=<Type>,<Host Name>,<Interval>,<Retry>[,<HTTP Port>]] AT&W

Parameters:
Type : 0 - ICMP
1 - HTTP
2 - DNS Lookup
Host Name : Valid host name, 1 to 256 characters
Interval : Keepalive Interval in second, 60 to 60000
Retry : Keepalive Retry, 10 to 200
HTTP Port : Valid HTTP Port, 0 to 65535

© Microhard 198
5.0 AT Command Line Interface

Wireless (Radio) AT Commands

AT Command Description Syntax Effect
AT+MWRADIO Get/Set radio status, On or Off AT+MWRADIO[=<Radio>] AT&W
<Radio>
0 - Off
1 - On

AT+MWMODE Get/Set Radio Mode AT+MWMODE[=<Mode>] AT&W

<Mode>
0 - 802.11B ONLY
1 - 802.11BG
2 - 802.11NG
3 - 802.11A ONLY
4 - 802.11NA
5 - 802.11AC
OK

AT+MWDISTANCE Get/Set radio Wireless Distance AT+MWDISTANCE[=<Distance>] AT&W

<Distance>
1 - 30000 in meter

AT+MWTXPOWER Get/Set radio Tx power AT+MWTXPOWER[=<Tx Power>] AT&W

<Tx Power>
0 - 0 dbm
1 - 4 dbm
2 - 5 dbm
3 - 6 dbm
4 - 7 dbm
5 - 9 dbm
6 - 10 dbm
7 - 15 dbm
8 - 20 dbm
9 - 21 dbm
10 - 22 dbm
11 - 23 dbm
12 - 24 dbm
13 - 25 dbm
14 - 26 dbm

AT+MWCHAN Get/Set radio channel (varies by mode) AT+MWCHAN[=<Channel>] AT&W

Available radio channels for 802.11A
0 - Auto
1 - 5.180 GHz
2 - 5.200 GHz
3 - 5.220 GHz
4 - 5.240 GHz
5 - 5.745 GHz
6 - 5.765 GHz
7 - 5.785 GHz
8 - 5.805 GHz
9 - 5.825 GHz

AT+MWHTMODE Get/Set radio high throughput mode AT+MWHTMODE[=<High Throughput Mode>] AT&W
<High Throughput Mode>
0 - HT20
1 - HT40-
2 - HT40+
3 - Force HT40-
4 - Force HT40+

AT+MWVHTMODE Get/Set radio channel width for 802.11ac AT+MWVHTMODE[=<Channel Width>] AT&W
<Channel Width>
0 - VHT20
1 - VHT40
2 - VHT80

AT+MWMPDUAGG Get/Set radio MPDU Aggregation AT+MWMPDUAGG[=<MPDU Aggregation>] AT&W

<MPDU Aggregation>
0 - Disable
1 - Enable

AT+MWSHORTGI Get/Set radio short GI AT+MWSHORTGI[=<Short GI>] AT&W

<Short GI>
0 - Disable
1 - Enable

AT+MWHTCAPAB Get/Set radio HT capabilities info AT+MWHTCAPAB <enter> Immediate

+MWHTCAPAB: HT Capabilities Info - SHORT-GI-20 SHORT-GI-40 RX-STBC1 DSSS_CCK-40
OK

AT+MWAMSDU Get radio maximum AMSDU (byte) AT+MWAMSDU <enter> Immediate

+MWAMSDU: Maximum AMSDU (byte) - 3839
OK

AT+MWAMPDU Get radio maximum AMPDU (byte) AT+MWAMPDU <enter> Immediate

+MWAMPDU: Maximum AMPDU (byte) - 65535
OK

AT+MWRTSTHRESH Get/Set radio RTS Threshold AT+MWRTSTHRESH[=<RTS Threshold>] AT&W

<RTS Threshold>:
0 Disabled
256-2346 Enabled with the value

© Microhard 199
5.0 AT Command Line Interface

Wireless (Radio) AT Commands (Continued)

AT Command Description Syntax Effect
AT+MWFRAGTHRESH Get/set radio Fragment threshold AT+MWFRAGTHRESH[=<Fragmentation Threshold>] AT&W
<Fragmentation Threshold>:
0 Disabled
256-2346 Enabled with the value

AT+MWCCATHRESH Get/Set radio CCA Power Threshold AT+MWCCATHRESH[=<CCA Threshold>] AT&W

<CCA Threshold>:
Range of values: 4-127

AT+MWIFACE List/Add/Delete radio virtual interface AT+MWIFACE=<Operation>[,<Index>] AT&W

<Operation>
SHOW - List one or all radio virtual interface(s)
ADD - Add one radio virtual interface with default settings
DEL - Delete one radio virtual interface
<Index>
Radio Virtual Interface Index: 0-3
Usage:
AT+MWIFACE=SHOW[,<Index>]
AT+MWIFACE=ADD
AT+MWIFACE=DEL,<Index>

AT+MWNETWORK Get/Set radio virtual interface: Network AT+MWNETWORK[=<Index>[,<Network>]] AT&W

<Index>
Radio Virtual Interface Index: 0-3
<Network>
Radio Virtual Interface Network:
0 - LAN
1 - WAN1
2 - WAN2
3 - WIFI

AT+MWAWC Get/Set radio virtual interface: Access to wired AT+MWAWC[=<Index>[,<Access to Wired client>]] AT&W
client <Index>
Radio Virtual Interface Index: 0-3
<Access to Wired client>
0 - Off
1 - On

AT+MWSSID Get/Set radio virtual interface: SSID AT+MWSSID[=<Index>[,<SSID>]] AT&W

<Index>
Radio Virtual Interface Index: 0-3
<SSID>
Radio Virtual Interface SSID: 1-32 characters

AT+MWDEVICEMODE Get/Set virtual interface: Mode AT+MWDEVICEMODE[=<Index>[,<Device Mode>]] AT&W

<Index>
Radio Virtual Interface Index: 0-3
<Device Mode>
Radio Virtual Interface Mode:
0 - Access Point
1 - Client

AT+MWRATE Get/Set radio virtual interface: TX bitrate AT+MWRATE[=<Index>[,<TX bitrate>]] AT&W

<Index>
Radio Virtual Interface Index: 0-3
<TX bitrate>
Radio Virtual Interface TX bitrate for 802.11NG
0 - auto
1 - mcs-0
2 - mcs-1
3 - mcs-2
4 - mcs-3
5 - mcs-4
6 - mcs-5
7 - mcs-6
8 - mcs-7

AT+MWWDS Get/Set radio interface: WDS AT+MWWDS[=<Index>[,<WDS>]] AT&W

<Index>
Radio Virtual Interface Index: 0-3
<WDS>
0 - Off
1 - On

AT+MWSSIDBCAST Get/Set radio virtual interface: ESSID Broadcast AT+MWSSIDBCAST[=<Index>[,<ESSID Broadcast>]] AT&W
<Index>
Radio Virtual Interface Index: 0-3
<ESSID Broadcast>
Radio Virtual Interface ESSID Broadcast:
0 - Off
1 - On

AT+MWAPISOLATION Get/Set radio virtual interface: AP Isolation AT+MWAPISOLATION[=<Index>[,<AP Isolation>]] AT&W

<Index>
Radio Virtual Interface Index: 0-3
<AP Isolation>
Radio Virtual Interface AP Isolation:
0 - Off
1 - On

© Microhard 200
5.0 AT Command Line Interface

Wireless (Radio) AT Commands (Continued)

AT Command Description Syntax Effect

AT+MWENCRYPT Get/Set radio virtual interface: Encryption Type PSK: AT+MWENCRYPT[=<Index>[,<Encryption Type>[,<WPA_PSK>]]] AT&W
RADIUS in Client: AT+MWENCRYPT[=<Index>[,<Encryption Type>[,<RADIUS Pass-
word>,<RADIUS Identity>]]]
RADIUS in Access Point: AT+MWENCRYPT[=<Index>[,<Encryption Type>[,<RADIUS Server
Key>,<RADIUS Server Address>,<RADIUS Port>[,<Accounting Server Address>,<Accounting S
erver Port>,<Accounting Sever Secret>
Parameters:
<Index>: Radio Virtual Interface Index: 0-3
<Encryption Type>: 0 - Disabled
1 - WPA (PSK)
2 - WPA2 (PSK)
3 - WPA+WPA2 (PSK)
4 - WPA Enterprise (RADIUS)
5 - WPA2 Enterprise (RADIUS)
6 - WPA+WPA2 Enterprise (RADIUS)
<WPA PSK>: 8 ~ 63 characters
RADIUS Server for Access Point:
<Key>: 8 ~ 63 characters
<Address>: Valid address
<Port>: Valid port
Accounting Server for Access Point:
<Address>: Valid address
<Port>: Valid port
<Secret>: 8 ~ 63 characters
<NAS ID> : 0 ~ 63 characters
RADIUS Server for Client:
<Identity>: 8 ~ 63 characters
<Password>: 8 ~ 63 characters

AT+MWSCAN Get radio scanning information (client mode) AT+MWSCAN <enter> AT&W
Noise Floor: -93 dBm
1,"BP_AP_188",00:0F:92:FE:03:1F,11,2462,70/70,-32,Master,WPA2 PSK (CCMP)
2,"ASUS-WIFI",38:2C:4A:A1:44:E0,6,2437,70/70,-40,Master,WPA2 PSK (CCMP)
3,"BP-C",00:0F:92:FE:03:26,1,2412,57/70,-53,Master,WPA2 PSK (CCMP)
4,"Microguest",04:F0:21:19:85:CC,9,2452,55/70,-55,Master,WPA2 PSK (CCMP)
5,"BP_AP_178",00:0F:92:FA:38:1B,11,2462,70/70,-31,Master,WPA2 PSK (CCMP)
6,"SEC_LinkShare_253277",D0:66:7B:A3:72:EB,4,2427,51/70,-59,Master,WPA2 PSK (CCMP)
7,"work2901",00:15:6D:68:3D:0C,4,2427,59/70,-51,Master,mixed WPA/WPA2 PSK (TKIP, CCMP)
8,"testaaa2",00:0F:92:FF:FF:FF,8,2447,42/70,-68,Master,WPA2 PSK (CCMP)
9,"Bp170Wifi",02:0F:92:FF:FF:FF,5,2432,42/70,-68,Master,WPA2 PSK (CCMP)
10,"MyNetwork",04:F0:21:04:8D:69,1,2412,41/70,-69,Master,WPA2 PSK (CCMP)
11,"AndrewW",74:D0:2B:89:0B:50,6,2437,35/70,-75,Master,WPA2 PSK (CCMP)
12,"HPJ310a.4A61D8",02:2E:EE:7F:63:7F,6,2437,51/70,-59,Master,none
13,"Hanif's Wi-Fi Network",34:12:98:09:E9:86,6,2437,33/70,-77,Master,WPA2 PSK (CCMP)
14,"Drug Shack",F8:E9:03:C0:EC:98,1,2412,26/70,-84,Master,mixed WPA/WPA2 PSK (TKIP, CCMP)
15,"Bp170Wifi",00:0F:92:FA:38:F8,5,2432,36/70,-74,Master,WPA2 PSK (CCMP)
16,"SHAW-C31630",A8:4E:3F:C3:16:38,1,2412,30/70,-80,Master,WPA2 PSK (TKIP, CCMP)
17,"SHAW-E14540",F0:F2:49:E1:45:48,1,2412,32/70,-78,Master,mixed WPA/WPA2 PSK (TKIP,
CCMP)
OK

AT+MWRSSI Get radio RSSI AT+MWRSSI <enter> AT&W

192.168.168.161 8C:F5:A3:0F:0A:33 -31 dBm
OK

© Microhard 201
Appendix A: Serial Interface

Module Host (e.g. PC)

(DCE) (DTE) Arrows denote the direction that signals are asserted (e.g., DCD originates at the
Signal DCE, informing the DTE that a carrier is present).
1 DCD  IN
The interface conforms to standard RS-232 signals, so direct connection to a
2 RX  IN host PC (for example) is accommodated.
3  TX OUT

4  DTR OUT

5 SG

6 DSR  IN

7  RTS OUT
The signals in the asynchronous serial interface are described below:
8 CTS  IN

DCD Data Carrier Detect - Output from Module - When asserted (TTL low), DCD informs the DTE that a
communications link has been established with another device.

RX Receive Data - Output from Module - Signals transferred from the BulletPlusAC are received by the DTE
via RX.

TX Transmit Data - Input to Module - Signals are transmitted from the DTE via TX to the BulletPlusAC.

DTR Data Terminal Ready - Input to Module - Asserted (TTL low) by the DTE to inform the module that it is
alive and ready for communications.

SG Signal Ground - Provides a ground reference for all signals transmitted by both DTE and DCE.

DSR Data Set Ready - Output from Module - Asserted (TTL low) by the DCE to inform the DTE that it is alive
and ready for communications. DSR is the module’s equivalent of the DTR signal.

RTS Request to Send - Input to Module - A “handshaking” signal which is asserted by the DTE (TTL low)
when it is ready. When hardware handshaking is used, the RTS signal indicates to the DCE that the host
can receive data.

CTS Clear to Send - Output from Module - A “handshaking” signal which is asserted by the DCE (TTL low)
when it has enabled communications and transmission from the DTE can commence. When hardware
handshaking is used, the CTS signal indicates to the host that the DCE can receive data.
Notes: It is typical to refer to RX and TX from the perspective of the DTE. This should be kept in mind when
looking at signals relative to the module (DCE); the module transmits data on the RX line, and receives
on TX.
“DCE” and “module” are often synonymous since a module is typically a DCE device.
“DTE” is, in most applications, a device such as a host PC.

© Microhard 202
Appendix C: Port Forwarding Example (Page 1 of 2)

By completing the Quick Start process, a user should have been able to log in and set up the BulletPlusAC
to work with their cellular carrier. By completing this, the modem is ready to be used to access the internet
and provide mobile connectivity. However, one of the main applications of the BulletPlusAC is to access
connected devices remotely. In order to do this, the BulletPlusAC must be told how to deal with incoming
traffic, where to send it to.

In this section we will talk about port forwarding. Port forwarding is ideal when there are multiple devices
connected to the BulletPlusAC, or if other features of the BulletPlusAC are required (Serial Ports, Firewall,
GPS, etc). In port forwarding, the BulletPlusAC looks at each incoming Ethernet packet on the WAN and
by using the destination port number, determines where it will send the data on the private LAN . The
BulletPlusAC does this with each and every incoming packet.

DMZ (a form of port forwarding) is useful for situations where there are multiple devices connected to the
BulletPlusAC, but all incoming traffic is destined for a single device. It is also popular to use DMZ in cases
where a single device is connected but several ports are forwarded.

Consider the following example. A user has a remote location that has several devices that need to be
accessed remotely. The User at PC1 can only see the BulletPlusAC directly using the public static IP
assigned by the wireless carrier, but not the devices behind it. In this case the BulletPlusAC is acting as a
gateway between the Cellular Network and the Local Area Network of its connected devices. Using port
forwarding we can map the way that data passes through the BulletPlusAC.

Wired or Wireless
Devices

Wireless Cellular PC2: 192.168.0.20

Connection Webserver on port 80
Cellular Network/
Internet

BulletPlusAC
WAN IP:
PC1: Connected to 74.198.186.193
internet. (Cellular Carrier)

LAN IP: 192.168.0.1 PLC/RTU: 192.168.0.30

Webserver on port 80
Modbus on port 502

IP Camera: 192.168.0.40
Webserver on Port 80

Step 1

Log into the BulletPlusAC (Refer to Quick Start), and ensure that the Firewall is configured. This can be found under
Firewall > General. Also ensure that that sufficient Rules or IP lists have been setup to allow specific traffic to pass
through the BulletPlusAC. See the Firewall Example in the next Appendix for information on how to allow connections
from an IP or to open ports. Once that is complete, remember to “Submit” the changes.

© Microhard 203
Appendix C: Port Forwarding Example (Page 2 of 2)

Step 2

Determine which external ports (WWAN) are mapped to which internal IP Addresses and Ports (LAN). It is important to
understand which port, accessible on the outside, is connected or mapped to which devices on the inside. For this
example we are going to use the following ports, in this case it is purely arbitrary which ports are assigned, some
systems may be configurable, other systems may require specific ports to be used.

Description WAN IP External Port Internal IP Internal Port

BulletPlusAC WebUI 74.198.186.193 80 192.168.0.1 80
PC2 Web Server 74.198.186.193 8080 192.168.0.20 80
PLC Web Server 74.198.186.193 8081 192.168.0.30 80
PLC Modbus 74.198.186.193 10502 192.168.0.30 502
Camera Web Server 74.198.186.193 8082 192.168.0.40 80

Notice that to the outside user, the IP Address for every device is the same, only the port number changes, but on the
LAN, each external port is mapped to an internal device and port number. Also notice that the port number used for the
configuration GUI for all the devices on the LAN is the same, this is fine because they are located on different IP
addresses, and the different external ports mapped by the BulletPlusAC (80, 8080, 8081, 8082), will send the data to the
intended destination.

Step 3

Create a rule for each of the lines above. A rules does not
need to be created for the first line, as that was listed simply to
show that the external port 80 was already used, by default, by
the BulletPlusAC itself. To create port forwarding rules,
Navigate to the Firewall > Port Forwarding menu. When
creating rules, each rules requires a unique name, this is only
for reference and can be anything desired by the user. Click on
the “Add Port Forwarding” button to add each rule to the
BulletPlusAC.

Once all rules have been added, the BulletPlusAC

configuration should look something like
what is illustrated in the screen shot to
the right. Be sure to “Submit” the Port
Forwarding list to the BulletPlusAC.

For best results, reboot the BulletPlusAC.

Step 4

Configure the static addresses on all attached devices. Port forwarding required that all the attached devices have static
IP addresses, this ensure that the port forwarding rules are always correct, as changing IP addresses on the attached
devices would render the configured rules useless and the system will not work.

Step 5

Test the system. The devices connected to the BulletPlusAC should be accessible remotely. To access the devices:

For the Web Server on the PC, use a browser to connect to 74.198.186:193:8080, the result should be as follows:

To access the other devices/services: For the PLC Web Server: 74.198.186.193:8081, for the Camera
74.198.186.193:8082, and for the Modbus on the PLC telnet to 74.198.186.193:10502 etc.

© Microhard 204
Appendix D: VPN Example (Page 1 of 2)

By completing the Quick Start process, a user should have been able to log in and set up the BulletPlusAC
to work with their cellular carrier. By completing this, the modem is ready to be used to access the internet
and provide mobile connectivity. However, one of the main applications of the BulletPlusAC is to access
connected devices remotely. In addition to Port Forwarding, the BulletPlusAC has several VPN capabilities,
creating a tunnel between two sites, allowing remote devices to be accessed directly.

VPN allows multiple devices to be connected to the BulletPlusAC without the need to individually map
ports to each device. Complete access to remote devices is available when using a VPN tunnel. A VPN
tunnel can be created by using two BulletPlusAC devices, each with a public IP address. At least one of
the modems require a static IP address. VPN tunnels can also be created using the BulletPlusAC to
existing VPN capable devices, such as Cisco or Firebox.

Example: BulletPlusAC to BulletPlusAC (Site-to-Site)

Step 1

Site A Site B

BulletPlusAC BulletPlusAC
WAN IP Carrier Assigned: WAN IP Carrier As-
A.B.C.D signed: E.F.G.H

Log into each BulletPlusAC (Refer to Quick Start) and ensure that the Firewall is configured. This can be found under
Firewall > General. Ensure that sufficient Rules or IP lists have been setup to allow specific traffic to pass through the
BulletPlusAC. Once that is complete, remember to “Apply” the changes.

Step 2

Configure the LAN IP and subnet for each BulletPlusAC. The subnets must be different and cannot overlap.

Site A Site B

© Microhard 205
Appendix D: VPN Example (Page 2 of 2)

Step 3

Add a VPN Gateway to Gateway tunnel on each BulletPlusAC.

Site A Site B

A.B.C.D E.F.G.H

Must Match!

© Microhard 206
Appendix E: Firewall Example (Page 1 of 2)

By completing the Quick Start process, a user should have been able to log in and set up the BulletPlusAC
to work with their cellular carrier. By completing this, the modem is ready to be used to access the internet
and provide mobile connectivity. However, one of the main applications of the BulletPlusAC is to access
connected devices remotely. Security plays an important role in M2M deployments as in most cases the
modem is publicly available on the internet. Limiting access to the BulletPlusAC is paramount for a secure
deployment. The firewall features of the BulletPlusAC allow a user to limit access to the BulletPlusAC and
the devices connected to it by the following means

- Customizable Rules
- MAC and/or IP List
- ACL (Access Control List) or Blacklist using the above tools.

Consider the following example. An BulletPlusAC is deployed at a remote site to collect data from an end
device such as a PLC or RTU connected to the serial DATA port (Port 20001). It is required that only a
specific host (Host A) have access to the deployed BulletPlusAC and attached device, including the remote
management features.

Host B:
84.53.23.12

Host A:
184.71.46.126
BulletPlusAC
Cell IP: 74.198.186.193
Local Device on TCP Port

Firewall

Host C:
186.41.57.101

Step 1

Log into the BulletPlusAC (Refer to Quick Start). Navigate to the Firewall > General tab as shown below and block all
Carrier traffic by setting the WWAN Remote Access to Block (uncheck), and disable WWAN Remote Management
(uncheck). Be sure to Apply the settings. At this point it should be impossible to access the BulletPlusAC from the
Cellular (WWAN) Connection.

© Microhard 207
Appendix E: Firewall Example (Page 2 of 2)

Step 2

Under the Rules tab we need to create two new rules. A rule to enable Host A access to the Remote Management Port
(TCP Port 80), and another to access the device attached the to serial port (TCP Port 20001).

Rule 1

Rule 2

After each rule is created be sure to click the ADD Rule button, once both rules are created select the Submit button to
write the rules to the BulletPlusAC. The Firewall Rules Summary should look like what is shown below.

Step 3

Test the connections. The BulletPlusAC should only allow connections to the port specified from the Host A. An
alternate means to limit connections to the BulletPlusAC to a specific IP would have been to use the MAC-IP List Tool.
By using Rules, we can not only limit specific IP’s, but we can also specify ports that can be used by an allowed IP
address.

© Microhard 208
Appendix G: Troubleshooting

Below is a number of the common support questions that are asked about the BulletPlusAC. The purpose
of the section is to provide answers and/or direction on how to solve common problems with the
BulletPlusAC.
__________________________________________________________________

Question: Why can’t I connect to the internet/network?

Answer: To connect to the internet a SIM card issued by the Wireless Carrier must be installed and the
APN programmed into the Carrier Configuration of the BulletPlusAC. For instructions of how to
log into the BulletPlusAC refer to the Quick Start.
__________________________________________________________________

Question: What is the default IP Address of the BulletPlusAC?

Answer: The default IP address for the LAN (RJ45 connector on the back of the unit) is 192.168.168.1.
__________________________________________________________________

Question: What is the default login for the BulletPlusAC?

Answer: The default username is admin, the default password is admin.

__________________________________________________________________

Question: What information do I need to get from my wireless carrier to set up the BulletPlusAC?

Answer: The APN is required to configure the BulletPlusAC to communicate with a wireless carrier. Some
carriers also require a username and password. The APN, username and password are only
available from your wireless carrier.

Newer units may support an AUTO APN feature, which will attempt to determine the APN from a
preconfigured list of carriers and commonly used APN’s. This is designed to provide quick
network connectivity, but will not work with private APN’s. Success with AUTO APN will vary by
carrier.
________________________________________________________________

Question: How do I reset my modem to factory default settings?

Answer: If you are logged into the BulletPlusAC navigate to the System > Maintenance Tab. If you cannot
log in, power on the BulletPlusAC and wait until the status LED in on solid (not flashing). Press
and hold the CONFIG button until the unit reboots (about 8-10 seconds).
_________________________________________________________________

Question: I can connect the Carrier, but I can’t access the Internet/WAN/network from a connected PC?

Answer: Ensure that you have DHCP enabled or manually set up a valid IP, Subnet, Gateway and DNS
set on the local device.
__________________________________________________________________

Question: I connected a device to the serial port of the BulletPlusAC and nothing happens?

Answer: In addition to the basic serial port settings, the IP Protocol Config has to be configured. Refer to
the Serial Configuration pages for a description of the different options.

© Microhard 209
Appendix G: Troubleshooting

__________________________________________________________________

Question: How do I access the devices behind the modem remotely?

Answer: To access devices behind the BulletPlusAC remotely, several methods can be used:

A. Port Forwarding/DMZ - Individual external WAN ports are mapped to internal LAN IP’s and
Ports. See the Port-Forwarding Appendix for a detailed example.
B. VPN - A tunnel can be created and full access to remote devices can be obtained. Required
the use of multiple modems or VPN routers. See the VPN Appendix on an example of how to set
up a VPN.

_________________________________________________________________

Question: I have Internet/Carrier access but I cannot ping the device remotely?

Answer: Ensure that appropriates Rules have been created in the Firewall to allow traffic.

_________________________________________________________________

Question: Why does my modem reset every 10 minutes (or other time)?

Answer: There are a number of processes in the BulletPlusAC that ensure that the unit is communicating
at all times, and if a problem is detected will reboot the modem to attempt to resolve any issues:

1. Keepalive - Attempts to contact a configured host on a defined basis. Will reboot modem if
host is unreachable. Enabled by default to attempt to ping 8.8.8.8. May need to disable on
private networks, or provide a reachable address to check. Access via System > Keepalive.
3. Local Device Monitor - The BulletPlusAC will monitor a local device, if that device is not
present the BulletPlusAC may reboot. Apps > LocalMonitor.
__________________________________________________________________

Question: How do I set up VPN?

Answer: Refer to the VPN Appendix for an example of how to set up a Gateway to Gateway VPN with a
pair of BulletPlusAC modems.

© Microhard 210
 150 Country Hills Landing NW
Calgary, Alberta
Canada T3K 5P3

Phone: (403) 248-0028

Toll Free: 1-855-353-0028
www.microhardcorp.com

© Microhard 211