Can't contact LX40 modem over the air

Hi.

I’m trying to make initial contact with an LX40 modem’s web configuration over the air as a test prior to doing more advanced configuration. https: and I can’t seem to contact it. It’s possible that it’s the connection, but I can see that the modem has acquired and ip number from the provider and I can see from the lights that it has at least an ok connection. I also seem to see the receive light blink randomly when I do this and make contact. However, there is no response from the modem. I think I’m doing things correctly, but clearly something is wrong. I see that I can send the config to you all. Could I get someone take a look at it if I upload it? There are a lot of settings and I’ve been working on this for weeks trying different them and different port numbers, but with no luck.

Thanks,

Brecky

Hi @brecky.morris,

Based on your description, I understand that you want to access ACEmanager of the LX40 over cellular, is that correct?

In order to remote access, as far as I know, there are two possible ways:
Option 1: Your gateway has a public IP assigned by your mobile service provider.
Option 2: If the device is used on a private network, the private network needs to support routing.

Please recheck with your network provider to confirm this.

By default remote access to ACEmanager is disabled for security purposes.
Go to ACEManager:

  1. Services → ACEManager → Remote access: HTTPS only.
  2. Ensure Port filtering-Inbound and Port filtering-Outbound, Trusted IP lists are empty in ACEmanager->Security tab.
  3. Apply all changes and reboot gateways.
  4. The SIM card assigns a WAN static IP to the gateway, using that IP to remote access ACEmanager (https://MobileWANstaticIP:9443)

If you have completed all the steps but still cannot access it, please share the log file and template file with me.

Thanks,

Hi,

I checked settings and also tried another cell operator and SIM card. I have no idea what the problem is. Two files should be attached to this email. If they are not, something has gone wrong with getting them into your system and I can resent some other way.

Thanks,
Brecky

(Attachment template_debugucscedu12192024.xml is missing)

(attachments)

20241219_235416_filteredlogs.tgz (64.9 KB)

ok. the xml file got rejected. Let me try a zip file…

(attachments)

template_debugucscedu12192024.xml.zip (15.1 KB)

Hi @brecky.morris,

From the template file you provided, I see that you have configured OpenVPN as follows:

<menu name="VPN 1">
			<section name="Type">
				<item msciid="3151" title="VPN 1 Type" value="3" />
			</section>

However, it seems that the configuration is incomplete.
I notice that the Peer Identify field is not configured, and the current value is 0.0.0.0:

<section name="General (OpenVPN)">
				<item msciid="10004" title="Peer Port" value="9300" />
				<item msciid="10005" title="Peer Identify" value="0.0.0.0" />
				<item msciid="10008" title="Encryption Algorithm" value="3" />
				<item msciid="10009" title="Authentication Algorithm" value="2" />
				<item msciid="10024" title="Compression" value="1" />
				<item msciid="10014" title="Client Certificate" value="0" />
				<item msciid="10010" title="User Name" value="" />
				<item msciid="10017" title="User Name/Password Retry" value="0" />
				<item msciid="10016" title="Additional TLS Authentication" value="0" />
				<item msciid="10018" title="Server Certificate Verification" value="0" />
			</section>

This leads to the status VPN 1 Status: Not Connected

<menu name="VPN">
			<status title="Incoming Out of Band" value="Blocked" />
			<status title="Outgoing Management Out of Band" value="Allowed" />
			<status title="Outgoing Host Out of Band" value="Blocked" />
			<status title="VPN 1 Status" value="Not Connected" />

Please recheck your configuration, as the OpenVPN tunnel must be established to access the ACEmanager UI over the VPN tunnel.

Thanks,