Solution for ATM Terminal Wireless Access System Based on WCDMA 3G Private Network
Time: 2018-11-12
I. Xiamen Caimore WCDMA 3G Router
The CM520 series WCDMA/HSDPA/HSUPA wireless router uses a high-performance 32-bit industrial-grade ARM9 communication processor, with an embedded real-time operating system as its software platform. The system integrates the full range of communication protocols from the logical link layer to the application layer. It provides RS232 and 10/100M Ethernet interfaces and supports static and dynamic routing, PPP server and PPP client, VPN (including PPTP and IPSEC), DHCP server and DHCP client, DDNS, firewall, NAT, DMZ host and other functions. It gives users a secure, high-speed, stable and reliable wireless routing network for routing and forwarding of various protocols.
The principle diagram of the Xiamen Caimore WCDMA 3G router is as follows:
II. Wireless Parameters
1. Support UMTS/HSDPA/WCDMA 850/1900/2100MHz
2. Dual-band EGSM 850/900/1800/1900MHz
3. Support GPRS/EDGE Class 12
4. Data rates:
HSDPA/HSUPA mode: Downlink up to 7.2Mbps, Uplink up to 5.76Mbps
WCDMA mode: Downlink/Uplink up to 384Kbps
EDGE mode: Downlink up to 236.8Mbps, Uplink up to 118Kbps
GPRS mode: Downlink up to 85.6Mbps, Uplink up to 42.8Kbps
CSD mode: Downlink/Uplink up to 14.4Kbps
III. Software Functions
1. Support VPN security tunneling functions, including PPTP+MPPE and IPSEC
2. Intelligent link keep-alive: supports online detection, online maintenance and automatic redial after a dropped connection, to ensure that the device is always online.
3. Support IPTABLES firewall, packet filtering
4. Support multiple protocols: TCP/IP, UDP, ICMP, SMTP, HTTP, POP3, OICQ, TELNET, FTP, etc.
5. Support dynamic routing and static routing
6. Support DHCP function
7. Support NAT functions such as SNAT, DNAT
8. Support dynamic DDNS
9. Support DMZ host
10. Support routing and forwarding, also support serial data transmission, data center management
11. Support APN/VPDN network
12. Convenient WEB configuration, support remote WEB management
13. Support telnet management, easy to use console shell interactive environment
14. Support multiple terminals sharing the router's PPP WAN uplink
15. Support multiple wireless dialing modes: automatic allocation, specified IP, specified local peer IP
16. Support as a PPP server, multiple authentication methods, support two-way authentication
17. Easy to use COM and SYSLOG system diagnostics, debugging features
18. Support serial port local software upgrade
19. Support TFTP software remote upgrade
20. Support real time clock
21. Support both LINUX and WINDOWS operating systems
IV. Hardware System
1. CPU: industrial-grade ARM9 CPU, 200MPS, 16K Dcache, 16K Icache
2. FLASH: 8MB (expandable to 32MB)
3. SDRAM: 64MB (expandable to 256MB)
4. Interfaces:
Ethernet port: one 10/100 Base-T Ethernet port,
shielded RJ-45, 1.5 kV isolation transformer,
Ethernet IEEE 802-3, 802-2
Serial port:
RS232 serial port (supports RS422/RS485 if needed)
Rate: 110bps~230400bps
Data bits: 7 or 8
Parity: None, Even, Odd
Stop bits: 1 or 2
Flow control: None or RTS/CTS
Protection: 15 kV ESD and short circuit
Console: RS-232, 115200 bps, 8 data bits, 1 stop bit, no parity (8N1)
Indicator lights: indicators for power, communication, online status, and Ethernet port LINK/ACT.
Antenna interface: Standard SMA female antenna interface with a characteristic impedance of 50 ohms.
SIM/UIM card interface: Standard drawer user card interface (3V/5V).
Power interface: Standard 3-core locomotive power outlet.
Voice interface: Standard headphone microphone interface (reserved, optional).
5. Power supply: External power supply: DC 9V 1.5A
Wide voltage supply: DC 5-32V
6. Other parameters: Working environment temperature: -25~+65°C
Storage temperature: -40~+85°C
Relative humidity: 95% (no condensation)
V. System Networking
The system consists of bank equipment (ATMs, self-service equipment, etc.), the Xiamen Caimore WCDMA 3G router, the WCDMA wireless network, dedicated lines between China Unicom and the bank, bank routers, bank servers and other equipment.
The data flow is as follows: the bank's ATM device sends data to the WCDMA wireless network through the Xiamen Caimore WCDMA router; the WCDMA wireless network forwards the data to the bank router over a dedicated line such as DDN or Frame Relay; and the bank router then routes it to the bank server. If the bank wants additional security control, a RADIUS authentication server can be added on the bank side (optional, because the WCDMA wireless access network already has an AAA server for authentication).
VI. Introduction to WCDMA Private Network Access
1. WCDMA private network access VPDN/APN:
1) The bank accesses Unicom's WCDMA network through a 2M DDN or Frame Relay line. The two routers use private IP addresses for the wide-area connection, and an encrypted tunnel is established between the Unicom-certified router and the user-authenticated router.
2) Unicom allocates a dedicated VPDN/APN to the bank, and ordinary users cannot enter it. Only the WCDMA private network cards assigned by China Unicom can enter the VPDN/APN network, which keeps unauthorized users out.
3) The user sets up an internal RADIUS server as the remote authentication server for internal users. Only authenticated users are allowed access, to ensure internal security.
4) The user sets up an internal DHCP server to assign internal addresses to authenticated users.
5) End-to-end encryption: End-to-end encryption is used between the ATM terminal and the server platform to avoid possible leakage of information anywhere along the transmission path.
6) Both sides are isolated by a firewall, and IP address and port filtering is performed on the firewall.
2. A WCDMA private network system terminal logs in to the server platform as follows:
1) The user issues a WCDMA login request, and the request includes the private network VPDN/APN that Unicom has allocated specially for the WCDMA private network system;
2) According to the VPDN/APN in the request, the Unicom network sends a query to its DNS server, finds the GGSN connected to the enterprise server platform, and sends the user request to that GGSN encapsulated in a GTP tunnel;
3) The GGSN sends the user authentication information (including mobile phone number, user account, password, etc.) to RADIUS for authentication;
4) The RADIUS authentication server checks the authentication information, such as the mobile phone number, confirms that the request was sent by a legitimate user, and asks the DHCP server to allocate a user address;
5) After RADIUS authentication has passed, RADIUS sends a confirmation message carrying the user address to the GGSN;
6) Once the user has obtained the IP address, it can send data packets and access the WCDMA private network system's information query and service processing platform.
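The login sequence above can be modelled to show which checks gate an address assignment. This is an added example, not Caimore or China Unicom code: the APN name, accounts, passwords, MSISDNs, address pool and all function names are constructed, and binding each account to one SIM's phone number is an assumption about how the RADIUS server uses the number it receives.

```python
import hmac
import ipaddress

# Constructed sample data: APN name, accounts, passwords and MSISDNs are placeholders.
BANK_APN = "bank-atm.example.apn"
# RADIUS user database: account -> (password, MSISDN of the SIM bound to it)
RADIUS_USERS = {
    "atm-0001": ("s3cret-one", "8613000000001"),
    "atm-0002": ("s3cret-two", "8613000000002"),
}


class DhcpPool:
    """Internal DHCP server: one stable address per authenticated account."""
    def __init__(self, cidr):
        self._free = iter(ipaddress.ip_network(cidr).hosts())
        self._leases = {}

    def allocate(self, account):
        if account not in self._leases:
            addr = next(self._free, None)
            if addr is None:  # pool exhausted: no address, so no access
                return None
            self._leases[account] = str(addr)
        return self._leases[account]


def radius_authenticate(msisdn, account, password, pool):
    """Steps 3-5: verify account, password and SIM binding, then fetch an address."""
    record = RADIUS_USERS.get(account)
    if record is None:
        return ("Access-Reject", "unknown account")
    expected_password, bound_msisdn = record
    if not hmac.compare_digest(password.encode(), expected_password.encode()):
        return ("Access-Reject", "bad password")
    if msisdn != bound_msisdn:  # valid credentials presented from another SIM
        return ("Access-Reject", "account not bound to this SIM")
    address = pool.allocate(account)
    if address is None:
        return ("Access-Reject", "address pool exhausted")
    return ("Access-Accept", address)


def ggsn_login(apn, msisdn, account, password, pool):
    """Steps 1-2 and 6: only requests naming the private APN reach RADIUS."""
    if apn != BANK_APN:
        return ("Access-Reject", "APN not served by this GGSN")
    return radius_authenticate(msisdn, account, password, pool)
```

The reject reasons are meant for the operator's log; a terminal that is refused never receives an internal address and therefore cannot reach the server platform.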
VII. Conclusion
One of the main advantages of the WCDMA 3G network is its fast transmission speed. Almost every kind of service can now be run over it, including video surveillance. WCDMA is also not restricted by wiring: construction is convenient, the construction period is short, and results come quickly. Bank ATMs, query terminals and payment terminals are very well suited to using WCDMA networks to transmit transaction or monitoring data.
The Xiamen Caimore WCDMA Router is praised by customers for its fast transmission speed and stable running performance. It has been widely used in domestic banking, postal savings, environmental protection, security and other industries, and exported to Hong Kong, Indonesia, India, Russia, Brazil, Ghana and other countries.