Daktronics

How to secure your Sierra Wireless modem for use with your LED display.

Topic

  • How do I secure my Sierra Wireless modem for use with digital displays?
  • How do I disable Telnet to my modem?
  • How do I set my modem so it doesn't respond to pings?
  • How do I disable HTTP access to my modem?
  • How to disable outbound SSH and telnet traffic on a Sierra Wireless modem?

Environment

  • Product Family: Billboards, Message Displays, Transportation
  • Products:
  • Components: Sierra Wireless AirLink modems or gateways with a static IP address assigned
    • Raven XE/XT, LS300, GX400, GX440, GX450, ES450, RV50, MP70
  • Control System:

Steps

NOTE: The steps below are specific to Sierra Wireless modems, but can be generally applied to most other modem providers.  Please work directly with your Internet Service Provider (ISP) or modem provider for detailed instructions.

  1. Verify the modem's firmware is up to date, follow DD3643150.
  2. Change the default password on the modem, follow DD3498229. 
  3. Connect to the modem again and log in.
  4. Disable HTTP access to the modem:
    1. Click on the Services tab.
    2. Select AceManager on the side bar.
    3. Change both Remote Access and Local Access to HTTPS Only and click Apply.
  5. Disable Telnet to the modem:
    1. Select Telnet/SSH on the side bar.
    2. Change the Remote Login Server Mode to SSH and click Apply.
  6. Disable ping responses by the modem:
    1. Select the WAN/Cellular tab.
    2. Expand the Advanced heading.
    3. Change the Response to Incoming Ping to:
      • Galaxy Displays =  No Response.
      • Billboard Displays (if using Daktronics Security Appliance) = Pass to Host.
    4. Click Apply
  7. Disable outbound SSH and telnet traffic, follow How to disable outbound SSH and telnet traffic on a Sierra Wireless modem, DD3498274
  8. Disable unneeded forwarding rules.
    1. Select the Security tab.
    2. Select Port Forwarding on the side bar.
    3. Ensure that DMZ and Port Forwarding settings are only enabled as needed for your display.
  9. Click the Reboot button to reboot the modem and implement all the changes.

KB ID: 000002455

DISCLAIMER: Use of this content may void the equipment warranty, please read the disclaimer prior to performing any service of the equipment.

DAKTRONICS DOES NOT PROMISE THAT THE CONTENT PROVIDED HEREIN IS ERROR-FREE OR THAT ANY DEFECTS WILL BE CORRECTED, OR THAT YOUR USE OF THE CONTENT WILL PROVIDE SPECIFIC RESULTS. THE CONTENT IS DELIVERED ON AN "AS-IS" AND "AS-AVAILABLE" BASIS. ALL INFORMATION PROVIDED IN THIS ARTICLE IS SUBJECT TO CHANGE WITHOUT NOTICE. DAKTRONICS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTIES OF ACCURACY, NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. DAKTRONICS DISCLAIMS ANY AND ALL LIABILITY FOR THE ACTS, OMISSIONS AND CONDUCT OF YOU OR ANY THIRD PARTIES IN CONNECTION WITH OR RELATED TO YOUR USE OF THE CONTENT. ADJUSTMENT, REPAIR, OR SERVICE OF THE EQUIPMENT BY ANYONE OTHER THAN DAKTRONICS OR ITS AUTHORIZED REPAIR AGENTS MAY VOID THE EQUIPMENT WARRANTY. YOU ASSUME TOTAL RESPONSIBILITY FOR YOUR USE OF THE CONTENT AND ANY LINKED CONTENT. YOUR SOLE REMEDY AGAINST DAKTRONICS FOR DISSATISFACTION WITH THE CONTENT IS TO STOP USING THE CONTENT. THIS LIMITATION OF RELIEF IS A PART OF THE BARGAIN BETWEEN THE PARTIES.

The above disclaimer applies to any property damage, equipment failure, liability, infringement, or personal injury claim arising out of or in any way related to your use or application of the content, whether such claim is for breach of contract, tort, negligence or any other cause of action.