Release Notes PN 93000580_B Digi Connect WAN IA (Cellular Modbus Bridge) 82001323_B EOS July 27, 2006 INTRODUCTION This is a production release of firmware for the Digi Connect WAN IA. The WAN IA starts with the feature set of the Digi Connect VPN, then adds a Modbus bridge for multi-master access and mixing of protocols such as Modbus/TCP, Modbus/UDP, Modbus/RTU, and Modbus/ASCII. (ModbusPlus requires dedicated hardware and IS NOT supported.) The Digi Connect WAN IA, part of the Digi Cellular Product Family, provides an alternative to traditional wired TCP/IP Wide Area Networks (WANs), utilizing global wireless Cellular, and IPSec VPN technology to create secure primary and backup network connectivity. They offer an easy, cost-effective, means of securely connecting virtually any remote location or device into the corporate IP network. The Modbus Bridge functionality enables remote Masters to connect via both the Cellular IP network and the local Ethernet. It supports: - Modbus/TCP transported by TCP/IP or UDP/IP - Modbus/RTU transported by serial, TCP/IP, or UDP/IP - Modbus/ASCII transported by serial, TCP/IP, or UDP/IP See Digi Document 90000773 for more details on the Modbus Bridge. The standard Digi Connect WAN IA hardware includes screw terminals for 10-30vdc power supply and EIA-232/422/485 field selectable serial port. SUPPORTED PRODUCTS Digi Connect WAN IA EDGE10 Digi Connect WAN IA 1X DESCRIPTION The Factory Default configuration consists of: - IP address is assigned by DHCP client - Internal DHCP server is disabled - Serial login (terminal) is disabled - Modbus/TCP Masters incoming on TCP port 502 and UDP port 502 - Modbus/RTU Masters incoming on TCP port 2101 and UDP port 2101 (Note: matches serial config, so changes to Modbus/ASCII when serial port changed to Modbus/ASCII) - Modbus/RTU serial slave on port 1, settings 9600:8,N,1 - Incoming Unit Id or Slave Address 0 treated as 1, not broadcast - Incoming Unit Id or Slave Address 1 to 32 assumed on serial port - Incoming Unit Id or Slave Address 33 to 254 assumed to be Modbus/TCP slaves (servers) on local Ethernet port. Slave Address is used for mast octet of local IP, so if WAN IA has the IP 192.168.2.1, then local slaves assumed to be at 192.168.2.33 to 192.168.2.254. - Incoming Unit Id or Slave Address 255 returns 0x0A exception - Default timeouts: *) Serial or Modbus/TCP slave response in 1 second *) Serial responses with less than 20 msec of inter-byte gap *) IP requests with less than 30 seconds of inter-byte gap (required to assemble fragmented TCP/IP via cellular link) To disable the Modbus Bridge, just change the serial port profile to anything other than ia or Industrial Automation. The ia configuration may be damaged while profile is not ia. Setting the profile back to ia may cause a factory default configuration to be restored. To use the WAN IA as a normal WAN or VPN device, change the serial port profile to anything other than ia or Industrial Automation. Then modify the network, DHCP, and router configuration as desired. ENHANCEMENTS Add IP Pass-through mode (optional): IP Pass-through (bridged) mode specifies that IP packets received by the Digi device server will be bridged transparently between the Ethernet and mobile data links. This is useful for interoperability with third-party routers. Effectively, the mobile IP address of the Digi device server is given to a host on the Ethernet side of that Digi device server. Please consult with your mobile plan provider to obtain addresses to use (IP, DNS), and that your plan supports static address assignment. Optional "pinholes" can be configured such that a user can still access specific services of the Digi device server from the mobile network side, even when it is operating in IP Pass-through mode. For example, one can configure a pinhole that permits a user to telnet to the Digi device server over the mobile network connection. Add Socket Tunnel feature: A Socket Tunnel can be used to connect two network devices - one on the Digi device server's local network and the other on the remote network. This is especially useful for providing SSL data protection when the local devices do not support the SSL protocol. One of the endpoint devices is configured to initiate the socket tunnel. The tunnel is initiated when that device opens a TCP socket to the Digi device server on the configured port number. The Digi device server then opens a separate connection to the specified destination host. Once the tunnel is established, the Digi device server acts as a proxy for the data between the remote network socket and the local network socket, regardless of which end initiated the tunnel. Support additional wireless carriers: o Cellular South (CDMA) o Movistar Colombia (CDMA) o Movistar Panama (CDMA) o Movistar Peru (CDMA) o Verizon Puerto Rico (CDMA) Improve cellular module provisioning (web UI and CLI). Add SureLink (tm) statistics and additional mobile information to the Mobile System Information web page. Connectware Manager (Remote Management): o Add Server-Initiated Connection support for Connectware Manager, allowing the server to connect to the device (on demand) as a configurable option. Includes Last Known Address (LKA) updates to the Connectware Manager when the mobile IP address changes. o Decrease the amount of data exchanged over a cellular connection when connecting to the Connectware Manager server. o Simplify Remote Management Configuration web pages for an improved user experience. o Add support to disconnect from the Connectware Manager when the connection to the server is idle for a configurable interval. DHCP Server: o Add configurable conflict detection, whereby the DHCP Server pings an IP address to verify its availability, before offering it to a client for a new lease. Conflict detection is disabled by default. o Improve information on web page for DHCP Server Management. o Improve web UI help information. Add RealPort (tm) "exclusive" mode option: Exclusive mode provides the ability for the Digi device to close an existing RealPort connection and establish a new one immediately upon a new connection request from the same IP address. This mode is useful when using RealPort over wide area networks that can be unstable and where you are charged by the byte (such as cellular or satellite) and do not wish to incur costs for keep-alive traffic. Exclusive mode will allow your application to retain continuity when temporary, unexpected interruptions in network connectivity occur. This configuration is available via the command line. Syntax: set realport exclusive=on|off BUG FIXES Fixed an issue in which some of the cached DHCP Server configuration information may be corrupt after a button reset. (18483) Fixed an issue in which a network endpoint (UDP socket) could become blocked because of an empty packet being sent to it. (18626) Invalid alarm subject when configuring an snmp trap alarm. (17656) In Network Services Settings page, ADDP UDP port may no longer be configured by the user. (16811) Added mobile phone number of cellular modem to Mobile System Information page in web UI. (17752) Fixed an issue in which telnet breaks were not being sent on a serial port. (17568) Fixed memory leaks. (17730, 18440) Fixed a failure to detect in a timely manner the end of a session in SSL/TLS, particularly during the handshake phase. (19068) Removed unneeded or invalid groups from the RCI reply. This eliminates confusion and significantly reduces the size of the generated output. (18880) Corrected duplicate and elements in the group. (19052) Removed inappropriate BER (bit error rate) item from 'display mobile' output for Siemens MC75 module. DHCP Server is no longer enabled by default, since it requires static a IP address and the Digi Connect WAN IA uses DHCP by default to obtain its IP address. KNOWN ISSUES - The Modbus Bridge must be configured by Telnet and Command Line. At present the Web UI only allows disabling the Modbus bridge or changing the basic serial settings. - Digi RealPort can only be used if the Modbus Bridge function is disabled. You cannot use RealPort with Modbus/RTU or ASCII to access the Modbus Bridge function. - Do not attempt to "Port Forward" TCP 502 or UDP 502 to local Modbus/TCP servers while the Modbus Bridge is active - this causes NEITHER function to work. Disable the Modbus Bridge if you desire tradtional Router/NAT function for Modbus/TCP port 502. - If you disable the Modbus Bridge or it stops working due to other configuration changes you have made (on purpose or accidently), then the safest way to restore the Modbus Bridge is to hold the blue reset button while powering up the WAN IA to do a hardware configuration reset. Doing a Default Reset by the Web UI may not fully clear certain low-level settings. DOCUMENTATION ERRATA None. HISTORY 82001323_B - July 27, 2006 See ENHANCEMENTS and BUG FIXES information above. 82001323A1 - May 10, 2006 Fixed an issue, where, in certain circumstances, the device would not retain the correct default IP address assignment configuration. (18544) 82001323A - Feb 17, 2006 Initial release.