Solution for ATM Terminal Wireless Access System Based on WCDMA 3G Private NetworkTime：2018-11-12 Source：
一、Xiamen Caimore Wcdma 3G Router
CM520 series WCDMA/HSDPA/HSUPA Router wireless router adopts high-performance 32-bit industrial-grade ARM9 communication processor, with embedded real-time operating system as software support platform. The system integrates a full range of communication links from logic link layer to application layer. Provide RS232 and 10/100M Ethernet interface, support static and dynamic routing, PPP server and PPP client, VPN (including PPTP and IPSEC), DHCP server and DHCP client, DDNS, firewall, NAT, DMZ host and other functions. Provide users with secure, high-speed, stable and reliable wireless routing network for routing and forwarding of various protocols.
Xiamen Caimore wcdma 3G Router principle diagram is as follows:
二、 Wireless Parameter
1. Support UMTS/HSDPA/WCDMA 850/1900/2100MHz
2. Dual-band EGSM 850/900/1800/1900MHz
3, support GPRS / EDGE CLASS 12
4, the data rate
HSDPA/HSUPA mode:Downlink up to 7.2Mbps Uplink up to 5.76Mbps
WCDMA mode:Downlink/Uplink up to 384Kbps
EDGE mode:Downlink up to 236.8Mbps Uplink up to 118Kbps
GPRS mode:Downlink up to 85.6Mbps Uplink up to 42.8Kbps
CSD mode:Downlink/Uplink up to 14.4Kbps
三、 Software Function
1. Support VPN security tunneling functions, including PPTP+MPPE and IPSEC
2. Intelligent anti-drop line, support online detection, online maintenance, automatic redial of dropped calls, to ensure that the device is always online.
3. Support IPTABLES firewall, packet filtering
4. Support multiple protocols: TCP/IP, UDP, ICMP, SMTP, HTTP, POP3, OICQ, TELNET, FTP, etc.
5. Support dynamic routing and static routing
6. Support DHCP function
7. Support NAT functions such as SNAT, DNAT
8. Support dynamic DDNS
9. Support DMZ host
10. Support routing and forwarding, also support serial data transmission, data center management
11. Support APN/VPDN network
12. Convenient WEB configuration, support remote WEB management
13. Support telnet management, easy to use console shell interactive environment
14. Support multiple terminals to share router ppp WAN export
15. Support multiple wireless dialing modes: automatic allocation, specify IP, specify local peer IP
16. Support as a PPP server, multiple authentication methods, support two-way authentication
17. Easy to use COM and SYSLOG system diagnostics, debugging features
18. Support serial port local software upgrade
19. Support TFTP software remote upgrade
20. Support real time clock
21. Support both LINUX and WINDOWS operating systems
四、 Hardware System
1, CPU: industrial grade ARM9 CPU, 200MPS, 16K Dcache, 16K Icache
2, FLASH: 8MB (expandable to 32MB)
3, SDRAM: 64MB (expandable to 256MB)
Ethernet port: a 10/100 Base-T Ethernet port,
Shielded RJ-45 1,5 kV isolation transformer,
Ethernet IEEE 802-3, 802-2
RS232 serial port, (Support RS422/RS485 if needed)
Data bits : 7 or 8
Parity: None, Even, Odd
Stop bits: - 1 or 2
Flow contro: None or RTS/CTS
Protection – 15 kV ESD and short circuit
Console : RS-232, 115200 bps, 8 data bits, 1 stop bit, no parity (8N1)
Indicator light: It has LINK/ACT indicator for power, communication, online and Ethernet ports.
Antenna interface: Standard SMA female antenna interface with a characteristic impedance of 50 ohms.
SIM/UIM card interface: Standard drawer user card interface (3V/5V).
Power interface: Standard 3-core locomotive power outlet.
Voice interface: Standard headphone microphone interface. (reserved, optional)
5, power supply: External power supply: DC 9V 1.5A
Wide voltage supply: DC 5-32V
6, other parameters: Working environment temperature -25~+65oC
Storage temperature -40~+85oC
Relative humidity 95% (no condensation)
The system consists of bank equipment (ATM or self-service equipment, etc.), Xiamen Caimore WCDMA 3G router, WCDMA wireless network, China Unicom and inter-bank lines, bank routers, bank servers and other equipment.
The data flow process is as follows: the ATM device of the bank transmits the data to the WCDMA wireless network through the Xiamen WCDMA Router, and the WCDMA wireless network transmits the data to the bank router through a dedicated line such as DDN or frame relay, and then routes to the bank through the router. On the server. If the bank is to have more security control, the Radius authentication server can be added to the bank (optional, because the WCDMA wireless access has an AAA server for authentication).
六、Introduction to WCDMA private network access
1. WCDMA private network access VPDN/APN:
1）The bank accesses Unicom's WCDMA network through a 2M DDN or Frame Relay line. The two routers use private IP addresses for wide-area connections, and establish an encrypted tunnel between the Unicom-certified router and the user-authenticated router.
2）Unicom allocates a dedicated VPDN/APN to the bank, and ordinary users cannot enter the VPDN/APN. Only the WCDMA private network card assigned by China Unicom can enter the VPDN/APN network to prevent other illegal users from entering.
3） The user establishes a RADIUS server internally as a remote authentication server for internal users. Only authenticated users are allowed to access to ensure internal security.
4） The user establishes a DHCP server internally to assign the user's internal address to the authenticated user.
5） End-to-end encryption: End-to-end encryption is used between the ATM terminal and the server platform to avoid possible leakage of information throughout the transmission process.
6） Both sides use a firewall to isolate and perform IP address and port filtering on the firewall.
2. The process of logging in to the server platform by the WCDMA private network system terminal is as follows:
1) The user issues a WCDMA login request, and the request includes a private network VPDN/APN specially allocated by the Unicom Corporation for the WCDMA private network system;
2) According to the VPDN/APN in the request, the Unicom network sends a query request to its DNS server, finds the GGSN connected to the enterprise server platform, and sends the user request to the GGSN through the GTP tunnel encapsulation;
3) GGSN sends user authentication information (including mobile phone number, user account, password, etc.) to Radius for authentication;
4) The Radius authentication server sees the authentication information such as the mobile phone number, confirms that it is a request sent by a legitimate user, and requests the DHCP server to allocate a user address;
5) After Radius authentication is passed, Radius sends a confirmation message carrying the user address to the GGSN;
6) If the user obtains the IP address, he/she can carry the data packet and access the WCDMA private network system information query and service processing platform.
One of the main advantages of WCDMA 3G network is the fast transmission speed. Now basically all kinds of services can be implemented on it, including video surveillance, and WCDMA is not restricted by wiring, construction is convenient, construction period is short, and the effect is fast. The bank's ATM, query terminal, and payment terminal are very suitable for using WCDMA networks to realize the transmission of transactions or monitoring data.
Xiamen Caimore WCDMA Router is praised by customers for its fast transmission speed and stable running performance. It has been widely used in domestic banking, postal storage, environmental protection, security and other industries, and exported to Hong Kong, Indonesia, India, Russia, Brazil, Ghana. And other countries.