GDS370x - User Manual

WELCOME

Thank you for purchasing Grandstream GDS370x Audio Door Access System,

The GDS3705 was built for users looking for a strong audio-only facility access and security monitoring solution that can be deployed in environments of all sizes. This audio door system features dual microphones and HD loudspeaker with advanced AEC to offer intercom functionality, can support SIP calls to IP phones and has a built-in RFID chip reader and keypad for secured keyless or key entry. The GDS3705 comes equipped with a zinc alloy metal casing, making it weatherproof and vandal resistant and offers alarm-in and alarm-out support for integration with existing security devices. The GDS3705 integrates with Grandstream’s free management utility software, GDS Manager, allowing RFID card information, as well as the device itself to be fully managed by this software. Thanks to its integration with other Grandstream endpoints like the GXP IP phones, GXV video phones, portable WiFi and DECT IP phones and Grandstream Wave mobile app, the GDS3705 offers a complete end-to-end solution for access control, audio intercom, and security needs

The GDS3702 is an HD Audio IP Intercom System to offer remote facility access control for buildings of all sizes. This device includes a built-in microphone and speaker to support intercom functionality, supports integration with electric locks for locking and unlocking doors, and offers alarm-in and alarm-out support for integration with existing security systems. The GDS3702 works with Grandstream’s free management software, GDS Manager. It features SIP/VoIP technology with 2-way HD audio, IP66 level weatherproof casing, and is vandal resistant. The combination of the GDS3702, Grandstream’s IP Phones, Wave mobile app, and other 3rd party IP devices provide a complete end-to-end solution for access control, and intercom needs.

PRODUCT OVERVIEW

Feature Highlights

The following table contains the major features of the GDS370x.

GDS370x Features in a Glance

Technical Specifications

The following table resumes all the technical specifications including the protocols/standards supported, voice codecs, telephony features, and upgrade/provisioning settings for GDS370x.

GDS3705

Network Protocols	TCP/IP/UDP, RTP/RTCP/RTCP-XR, HTTP/HTTPS local upload and mass provisioning using TR-069, ARP/RARP, ICMP, DNS, DHCP, SSH, SMTP, NTP, STUN, TLS, SRTP.
SIP/VoIP Support	Broad interoperability with most 3rd party SIP/VoIP devices and leading SIP/NGN/IMS platforms.
Voice Codecs	G.711µ/a-law, G.722, G.729A/B, DTMF (RFC2833, SIP INFO), AEC.
QoS	Layer 2 QoS (802.1Q, 802.1P).
Security	User and administrator level access control (pending), MD5 and MD5-sess-based authentication, 256-bit AES encrypted configuration file, TLS, SRTP, HTTPS, 802.1Q.
Upgrade / Provisioning	Firmware upgrade via HTTP/HTTPS, mass provisioning using TR-069 or AES encrypted XML configuration file.
Audio Input	Integrated dual microphones.
Audio Output	Built-in HD Loudspeaker (2 Watt), sound quality suitable for up to 3 m.
Keypad / Buttons	12-Metal Keys plus a Metal doorbell button.
RFID	125KHz: EM4100 (1 RFID card and 1 RFID key fob included).
Alarm Input	Yes, 2 channels, Vin < 15V, for door sensors or other devices.
Alarm Output	Yes, 2 channels, 125VAC/0.5A, 30VDC/2A, Normal Open or Normal Close, for electric lock, light switch or other devices.
Network Interface	10M/100M auto-sensing.
Expansion Interface	RS485, Wiegand (26 bits) input and output.
Dimensions and Weight	On-Wall : 173mm(H) x 80mm(W) x 36mm(D). In-Wall : 217mm x 120mm x 11.6mm 0.635 Kg.
Power Supply	PoE (Power over Ethernet) IEEE 802.3af Class 3, or 12VDC/1A connection (AC power adapter not included).
Ingress Protection	Weatherproof, vandal-resistant, with support for extra back reinforcing metal plate
Temperature and Humidity	Operation: -30°C to 60°C (-22°F to 140°F) Storage: -35°C to 60°C (-31°F to 140°F) Humidity: 10% to 90% Non-condensing
Protection Class	IP66 (EN60529), IK09 (IEC62262).
Compliance	FCC: Part 15; Subpart B; Subpart C; MPE CE: EN 55032; EN 50130; EN 61000-3-2; EN 61000-3-3; EN 60950-1; EN 300 330; EN 301 489-1; EN 301 489-3; EN 62311 RCM: AS/NZS CISPR 22/24; AS/NZS 4268; AS/NZS 60950.1 IC: ICES-003; RSS310

GDS3702

Network Protocols	TCP/IP/UDP, RTP/RTCP/RTCP-XR, HTTP/HTTPS local upload and mass provisioning using TR-069, ARP/RARP, ICMP, DNS, DHCP, SSH, SMTP, NTP, STUN, TLS, SRTP.
SIP/VoIP Support	Broad interoperability with most 3rd party SIP/VoIP devices and leading SIP/NGN/IMS platforms.
Voice Codecs	G.711μ/a, G.722, DTMF(RFC2833, SIP INFO), AEC, ANC
QoS	Layer 2 QoS (802.1Q, 802.1P).
Security	User and administrator level access control (pending), MD5 and MD5-sess-based authentication, 256-bit AES encrypted configuration file, TLS, SRTP, HTTPS, 802.1Q.
Upgrade / Provisioning	Firmware upgrade via HTTP/HTTPS, mass provisioning using TR-069 or AES encrypted XML configuration file.
Audio Input	Built-in microphones up to 1.5m
Audio Output	Built-in HD Loudspeaker (2 Watt), sound quality suitable for up to 3 m.
Alarm Input	Yes, 2 channels, Vin < 15V, for door sensors or other devices.
Alarm Output	Yes, 2 channels, 125VAC/0.5A, 30VDC/2A, Normal Open or Normal Close, for electric lock, light switch or other devices.
Network Interface	10M/100M auto-sensing.
Expansion Interface	RS485, Wiegand (26 bits) input and output.
Dimensions and Weight	On-Wall : 173mm(H) x 80mm(W) x 36mm(D). In-Wall : 217mm(H) x 120mm(W) x 11.6mm(D). 0.672 Kg.
Power Supply	PoE (Power over Ethernet) IEEE 802.3af Class 3, or 12VDC/1A connection (AC power adapter not included).
Ingress Protection	Weatherproof, vandal-resistant, with support for extra back reinforcing metal plate
Temperature and Humidity	Operation: -30°C to 60°C (-22°F to 140°F) Storage: -35°C to 60°C (-31°F to 140°F) Humidity: 10% to 90% Non-condensing
Protection Class	IP66 (EN60529), IK09 (IEC62262).
Compliance	FCC: Part 15; Subpart B; Subpart C; MPE CE: EN 55032; EN 50130; EN 61000-3-2; EN 61000-3-3; EN 60950-1; EN 300 330; EN 301 489-1; EN 301 489-3; EN 62311 RCM: AS/NZS CISPR 22/24; AS/NZS 4268; AS/NZS 60950.1 IC: ICES-003; RSS310 UKCA

GETTING STARTED

This chapter provides basic installation instructions including the list of the packaging contents and information for obtaining the best performance using the GDS370x Audio Access Door System.

Equipment Packaging

GDS3705

GDS3702

Description of the GDS370x

The below figures show the component of the back and front view of the GDS370x IP Audio Access Door System:

GDS3705

GDS3702

Connecting and Setting up the GDS370x

The GDS370x can be powered using PoE or PSU:

Using PoE as a power supply (Suggested)

• Connect the other end of the RJ45 cable to the PoE switch.
• A PoE injector can be used if the PoE switch is not available.

Using the power adapter as a power supply (PSU not provided)

• Connect the other end of the RJ45 cable to the network switch or router.
• Connect the DC 12V power source via the related cable to the corrected PIN of the GDS370x.

GDS370x Wiring Connection

GDS3705 Wiring Connection

GDS370x Back Cover Connections

Connection Example

To connect the GDS either by using PoE or PSU follow the steps below:

• Open the Back-Cover Board of the GDS370x which should look like the following figure.

Power GDS370x using PoE

• Cut into the plastic sheath of your Ethernet cable, then Unwind and pair as shown below.

Use the TIA/EIA 568-B standard, which defines pin-outs for using Unshielded Twisted Pair cable and RJ-45 connectors for Ethernet connectivity.

• Connect each wire of the cable to its associate on the Back Cover of the GDS370x to power the unit using PoE.

Power GDS370x using PSU

• To power the unit using PSU, use a multimeter to detect the polarity of your Power Supply, then connect GND to the negative pole and 12V to the positive pole of the PSU.

GETTING TO KNOW GDS370x

The GDS370x has an embedded Web server to respond to HTTP/HTTPS GET/POST requests. Embedded HTML pages allow users to configure the GDS370x through all available Web browsers in the internet.

Connecting GDS370x to Network with DHCP Server

The GDS370x by default has a DHCP client enabled, it will automatically get IP address from DHCP server.

Windows Platform

Two ways exist for Windows users to get access to the GDS370x:

UPnP

By default, the GDS370x has the UPnP feature turned ON. For customers using Windows network with UPnP turned on (most SOHO routers support UPnP), it is very easy to access the GDS370x:

1. Find the “Network” icon on the Windows Desktop.
2. Click the icon to get into the “Network”, the GDS370Xs will list as “Other Devices” shown like below. Refresh the pages if nothing is displayed. Otherwise, the UPnP may not be active in the network.

3. Click on the displayed icon of related GDS370x, the default browser (e.g.: Internet Explorer, Firefox, or Chrome) will open and connect directly to the login webpage.

GS Search

GS search is a program that is used to detect and capture the IP address of Grandstream devices. Below are instructions for using the “GS Search” utility tool:

• Download the GS Search utility tool from the Grandstream website using the following link: GS_Search

• Double click on the downloaded file and the search window will appear.
• Click on button to start the discovery for Grandstream devices.
• The detected devices will appear in the output field like below.

• Double click on a device to access its web GUI.

GDS Manager Utility Tool

Users can know the IP address assigned to the GDS370x from the DHCP server log or using the Grandstream GDS Manager after installing this free utility tool provided by Grandstream. Users can find instructions below, for using the “GDS Manager” utility tool:

1. Download the GDS Manager utility tool from the Grandstream website using the following link: GDSManager Download
2. Install and run the Grandstream GDS Manager, a client/server architecture application, the server should be running first, then GDSManager (client) later:

3. On the GDS Manager access to Device 🡪 Search and Click on the button to start device detection

4. The detected devices will appear in the output field like below:

5. Double click the column of the detected GDS370x, and the browser will automatically open and show the device’s web configuration page.

6. Enter the administrator user name and password to access the Web Configuration Interface, the default admin username is “admin” and the default random password can be found at the sticker on the GDS3705.

Connect to the GDS370x using Static IP

If there is no DHCP server in the network, or the GDS370x does not get IP from the DHCP server, the user can connect the GDS370x to a computer directly, using static IP to configure the GDS370x.

1. The default IP, if no DHCP server, or DHCP request times out (after 3 minutes), is 192.168.1.168
2. Connect the Ethernet cable from GDS370x to the computer network port directly.
3. Configure the computer using Static IP: 192.168.1.XXX (1<XXX<255, except for 168) and configure the “Subnet mask” to “255.255.255.0”. Leave the “Default Gateway” to “Blank” like below:

4. Power on the GDS370x, using a PoE injector or external DC power.

5. Enter 192.168.1.168 in the address bar of the browser, and log in to the device with admin credentials. the default admin username is “admin” and the default random password can be found on the sticker on the GDS3705.

GDS370x APPLICATION SCENARIOS

The GDS370x Door System can be used in different scenarios. We will be using the GDS3705 Model as our testing unit.

Peering Mode without SIP Server

For environments like remote warehouse/storage, grocery store, small (take-out) restaurants, just using static IP with PoE switch to form a LAN, using Grandstream’s audio phone GXP21XX/17XX/16XX series, the GDS370x will meet your very basic intercom and open-door requirements.

This is the solution to upgrade the traditional analog Intercom system. All you need is a Power source, Switch or PoE Switch, and Grandstream IP phones.

The equipment list can be found below:

• GDS370x
• Grandstream IP Phones
• PoE Switch with related Cat5e/Cat6 wiring

Peering using SIP Server (UCM6XXX)

For large deployment, multiple GDS370x units might be required, peered connection will not work in such case due to multiple connections. Such scenarios require an IPPBX or a SIP Proxy to accomplish the tasks.

If remote access is required, a router with internet access should be added to the below-needed equipment list:

• Several GDS370x
• UCM6XX or another SIP Server
• Grandstream IP Phones
• PoE Switch with related Cat5e/Cat6 wiring
• Electronic Lock

GDS370x PERIPHERAL CONNECTIONS

Below is the illustration of GDS370x peripheral connections for related applications.

Alarm IN/OUT

Alarm_In could use any 3rd party Sensor (like IR Motion Sensor).

Alarm_Out device could use 3rd party Siren, Strobe Light, or Electric Door Striker, etc.

The figure below shows an illustration of the Circuit for Alarm_In and Alarm_Out.

Notes:

• The Alarm_In and Alarm_Out circuit for the GDS370x should meet the following requirement:

Alarm Input	3V<Vin<15V, PINs (1.02KΩ)
Alarm Output	125VAC/0.5A, 30VDC/2A, Normal Open, PINs

• The Alarm_In circuit, if there is any voltage change between 3V and 15V, as specified in the table above, the GDS370x Alarm_In port will detect it and trigger the action and event.
• Higher voltage and wrong polarity connections are prohibited because this will damage the devices.

Protection Diode

When connecting the GDS370x to a door strike it is recommended to set an EMF protection diode in reverse polarity for secure use, below are examples of deployment for the protection diode.

The reverse EMF protection diode must always be installed in reverse polarity across the door strike.

Connection Examples

Below are examples, show how to use wiring on the back cover of the GDS370x to connect with external devices. The “NO” (Normal Open) model strike is used as an example, “NC” (Normal Closed) should be similar and users need to decide which model (NO or NC) to be used on the door.

Wiring Sample using 3^rd Party Power Supply

Wiring Sample using Power Supply for both GDS370x and Electric Strike

Wiring Sample using PoE to power GDS370x and 3^rd Party Power Supply for Electric Strike

Good Wiring Sample for Electric Strike and High-Power Device

Wiegand Module Wiring Examples

GDS370x package is shipped with one Wiegand cable for Input/Output Wiegand connections. The following examples show how to connect the Wiegand Input/Output devices to the GDS370x.

Input example with 3^rd party power supply for Wiegand device

Make sure to connect the GND of the Wiegand device and the GDS370x Wiegand port.

For Wiegand input mode, LED and Beep pins require that the Wiegand device support those interfaces. These two pins will not affect the Wiegand bus when not connected.

Input example with power supply for both GDS370x and Wiegand device

If the power source is 12VDC, the Wiegand device can share the same power source as GDS370x. However, users need to check the max power consumption and the max capability of the power source.

If Wiegand device is using 5VDC, GDS370x Wiegand port can provide 5VDC with max 500mA to power up Wiegand device.

Output example with 3^rd party power supply for Wiegand device

When the Wiegand output of the GDS370x is connected, it acts as the signal receiver of the 3^rd party Wiegand device, connecting to the door controller. The major wiring is GND, D0, and D1. Because usually, the door controller will consume a big current and power, the power supply should be separated.

Wiegand RFID Card Reader Example

Siren alarming when the door opened abnormally

When this feature is enabled (special wiring required, see below wiring diagram), an abnormal open door will be detected by the DI port (Alarm_In2 or IN2 in the below diagram showed) if wired correctly (connecting the COMx port to DIx port) therefore trigger the siren alarm. Once an abnormal open door alarm is triggered, the siren will sound non-stop, until manually overridden by a related person.

There are several ways to stop and disable the alarm:

1. Power cycle the GDS370x
2. Pick up the Alarm Phone Call (if configured)
3. Open Door using a PIN (either public PIN or private PIN) for the GDS3705 Model only.

Once the alarm is triggered, the GDS370x will play a siren sound, send an email to the administrator (if configured SMTP); call the configured alarm SIP phone, and send the alarm output (if connected). Users will only be able to disable the siren using the 3 methods mentioned above.

For detailed action information please refer to GDS37xx User Manual, “Alarm Action Settings” configuration. Below are some diagrams showing the correct wiring to enable this new security enhancement feature.

GDS370x Connection: IN2 set as Normal Close and “Fail-Safe” Electric Strike using 3^rd Party Power Supply

GDS370x Connection: IN2 set as Normal Open and “Fail Secure” Electric Strike using 3^rd Party Power Supply

Open Door via GDS370x with or without a SIP Call

This feature needs related matching GDS370x firmware to work. The minimum firmware version needed:

• GDS370x: 1.0.1.16 or higher.

From the GDS3705 side, the configuration is the same. The only difference is the number of doors to be controlled: If using Local Relay controlled by GDS3705, TWO DOORS can be controlled.

If using GSC3570 Relay, ONLY ONE DOOR can be controlled. The PIN and other settings are the same as SIP remote open door or GSC3570 secure open door.

The difference will come out in the touch screen UI operation of GSC3570.

Door opening with SIP Call

When GSC3570 established a call with GDS370x, the screen will display the virtual open door button(s), and the user will press the button to open the door:

Door opening without SIP Call

At the GSC3570 idle screen, press “Monitor →Door system”, and the related GDS370x will be displayed. In the blue bar, left is a “Phone” icon and right is the “Open door” icon. The“Phone” icon will establish the SIP call as the previous firmware behaved.

Press the “Open door” icon, and the GSC3570 will open the door directly and NO SIP CALL will be established. Depending on how many doors are controlled, if one door is configured, the door will open directly; if two doors are configured, another screen will pop up to allow the user to choose which door to open, as shown below:

When the door is successfully opened the following message will appear:

Secure Open Door via GDS370x and GSC3570 Peering

This secure open-door feature needs to include GSC3570 to make it a whole solution. The GDS370x/GSC3570 will be peering together in LAN/WAN via IP/SIP, and the door lock/strike will be wired to the GSC3570 alarm_Out port and controlled by GSC3570. This way the strike control is inside the building with enhanced security. Below is a setup example:

Note: Minimum firmware required for this to work:

• Outdoor Device: GDS370x firmware 1.0.1.116 and higher.
• Indoor Device: GSC3570 firmware 1.0.5.9 and higher.

For “Secure Open Door”, the GSC3570 is paired with GDS370x. The GSC3570 controls the relay/strike/lock from inside the building (Unlike GDS370x installed outside), but only ONE door can be controlled because GSC3570 only has one Relay Control circuit built-in. This pairing can be via LAN/WAN but LAN is recommended and actually, most of the application scenes are in a LAN environment because most likely the GSC3570 and GDS37xx are in the same building.

For the GSC3570 and GDS37xx pairing, it can be used via SIP only (Cloud or UCM); IP only (No SIP proxy or UCM but static IP address), and Mixed (SIP and fallback to IP if Proxy failed).

GDS370x Web Configuration

This setup can be found under the device web UI under, Door System Settings →Basic Settings:

GSC3570 Web Configuration

The GSC3570 side also need to be configured accordingly, like below example:

GDS370x HOME WEB PAGE

• Once the IP address of the GDS370x is entered on the user browser, the login web page will pop up allowing the user to configure the GDS370x parameters.
• When clicking on the “Language” drop-down, supported languages will be displayed as shown in the Figure below. Click to select the related webpage display language.

GDS3705

GDS3702

GDS370x SETTINGS

Door System Settings

Users can configure system operations parameters, like input PIN for the door (GDS3705 Model only), and manage users’ settings.

Basic Settings

Door System Settings

GDS3705 support RFID for multiple users to open door, therefore every user has its own PIN. For an environment with 100 users and more, it’s difficult for the GDS3705 to manage all these users and a separate PC or Server should be involved for such kind of management and monitoring.

In environments with more than 100 users the GDS3705, another possibility would be to set one unified Local PIN for opening the door for all the users.

Using Alarm Out (COM 1) to Control a Second Door

Starting from firmware 1.0.0.41, the user can now set Alarm_Out (COM1) interface to control a second Door, in addition to the existing Locker/COM2 interface (controlling Door1).

This feature allows GDS3705 to control the operation of two doors via RFID, and local and remote PINs.

For example, a 3^rd party Wiegand Input device or GDS3705 can be installed at Door2 with a related cable wired into the control GDS3705 installed at Door1. The Door1 and Door2 can be configured to be open by programmed RFID cards, and PINs either separately or both.

• Interface for Door Control (which Door can be OPEN):

If Alarm_Out (COM1) interface is set to control Door 2 opening, “ALMOUT1 Status” can be configured by choosing “Normal Open” or “Normal Close” based on the strike used.

Unlike the default COM2 which is designed for strike control and has three connecting sockets, COM1 only has two connecting sockets. Therefore correct lock mode has to be configured to make the strike work as expected.

For the above example, the GDS3705 is configured to control Door1 (wiring to COM2 interface); the 3^rd party Wiegand Input is set to control Door2 (wiring to COM1 interface).

In case of a power loss then the DOOR STATUS when power is off will be depending on the following situations:

• COM2 has three wiring PINs, corresponding to NO or NC accordingly. Therefore when connecting NC2 and COM2 (Fail Safe) the strike will open when power is lost and when using a NO2 strike (connecting COM2 and NO2) the door is “locked” when power is lost (Fail Secure).
• COM1 (ALMOUT1) has only two PINs and NO ONLY. If the connected strike/lock is a NO strike, this means ALMOUT1 Status should be set to “Normal Open” then the door will be closed when power is lost, while if the strike connected is NC strike, and ALMOUT1 Status is set to “Normal Close” then the door will be open when power is lost.

• Universal PIN for Operation of Doors:

If Unified PIN (Universal PIN) is configured to open door, then which door can be controlled by the PIN is configured in the UI once “Unified PIN” is selected.

For example, like the above screenshot, if this universal PIN is set to open both Door1 and Door2, but due to the previous “Control Option” set to open Door1, and “Wiegand Control” set to open Door2, therefore the final result will be the INTERSECT result of both sets with condition qualified.

• Remote PIN to Operation of Doors:

For remote PIN to open door, the PIN can be configured in example down below.

The PIN can be different for Door1 and Door2 and has to be configured correctly in related IP Phone which will be used to operate “One Key Open Door”.

If BOTH doors need to be opened at the same time, then both Door1 and Door2 have to be configured with the exactly SAME password or PIN as DTMF open door.

• Private PIN or Card & Private PIN:

If using an RFID card or Private PIN to open door, then which door can be opened by the RFID card or Private PIN is configured via “Card Management”, see above screenshot.

Keep Door Open

This feature allows users to set either an immediate or scheduled open door, this will allow usage scene like schools or similar private or public places where the door needs to keep open at specific time window and closed otherwise. Also handy for buildings or properties where a seminar needs to be hosted for some period or lunch breaks in a factory or company where the door keeps open and no access log required then back to locked with authorized entry after that, by default it’s disabled.

There are two modes under this section:

1. Immediate Open Door (One Time Only Action)

Keep Door Open	Select the Keep Door Open mode.
Length(m) to Keep Door Open	Set the amount of time in minutes where the door will keep opened. Click to open door immediately. Default value is 5.

2. Schedule Open Door (Repeated Action)

Keep Door Open	Select the Keep Door Open mode.
Schedule Start Time	Selects the start time when the door will be opened.
Schedule End Time	Selects the end time when the door will be locked.
Holiday Mode	Users can specify which Holiday Schedule to be included in the Keep Door Open schedule

Click on Edit schedule to select which periods for each day the door will remain open, as shown below screenshot.

Card Management

This page allows users to add information about RFID cards, two options are possible either add RFID cards manually or automatically.

Add Users Manually

To add users, click on , the following page will pop up.

Username	Configures the username to identify the user.
Private PIN	Specifies a PIN to unlock the door for this particular user.
Gender	Selects a gender, either Male or Female.
ID Number	Enters an ID number (This number is set by the admin to identify each user uniquely).
Card Number	Enters the RFID Card number (this is the number written on the RFID card. When “card issuing mode” is enabled, this field will be added automatically.
Valid Start Date	Configures the start date of validity of the RFID card.
Valid End Date	Configures the End date of validity of the RFID card.
Virtual Number	When dialing directly from the keypad, the GDS accepts only Virtual number to identify a user, once the Virtual number is typed followed by the # key, the SIP Number will be dialed.
SIP Number	Configures the SIP Number which is mapped with a virtual number. Once the virtual number is dialed the GDS3705 will send an INVITE to the SIP Number. Note: The SIP Number can be configured with an extension/phone number or IP address. Example: 192.168.5.124
Call Out Account	Select the SIP account that will be used to call the SIP Number extension, when choosing Auto, the unit will use the first available SIP account.
Cellphone	Configures the cellphone of the user.
Group	Specifies to which group the user will be added.
Schedule	Specifies the schedule that will be assigned to the user.
Right of Card and Private PIN	Select the doors that can be accessed by the user.
Enable	When checked, the user’s RFID and Private PIN will be active for door opening. If unchecked, the Private PIN nor RFID card swipe won’t take effect.

Add Users Automatically

If [Enable Card Issuing Mode] is checked, the GDS3705 keypad will start blinking and once an RFID card is swiped, data stored on the card will be added to the GDS3705 card management page, user can still edit the entry added automatically by modifying some fields.

Users Operation

• Click on to edit the entry or show details of the entry.
• Select the entries and click on to delete the selected users.
• Click to refresh the data entered to the GDS3705.
• Users can use to navigate through User Management pages.

Group

The Group page permits to manage the groups which will contains multiple users, click on to create new groups or to edit existing groups or to delete the group.

Note: Users can create up to 50 groups.

Group Name	Configures the name to identify the group.
Schedule	Specifies the schedule that will be used by the group.

The following screenshots display the list of the created groups.

Schedule

The Schedule page allows to manage schedule time frames which will be assigned to the users for door system usage. Out of the configured time intervals, GDS3705 will not allow users to access.

Click on to edit a schedule or for schedule details.

Holiday

The Holiday page allows to manage holidays which will be assigned to the users for door system usage.

Click on to edit the holidays or for holiday details.

System Settings

This page allows users to configure date and time, network settings as well as access method to the GDS370x and password for accessing the Web GUI.

Date & Time Settings

This page allows users to adjust the system date and time of the GDS370x.

System Time	Displays the current system time.
Allow DHCP Option 42 to override NTP server	Defines whether DHCP Option 42 should override NTP server or not. When enabled, DHCP Option 42 will override the NTP server if it’s set up on the LAN. The default setting is “Yes”.
Sync PC	Clicks to synchronize current time with the computer.
Time Zone	Selects from drop down menu the preferred time zone.
Enable Daylight Saving Time	Enables Daylight Saving Time.
Start time	Selects the Start time of DST.
End Time	Selects DST end time.
Enable NTP	Enables NTP to synchronize device time.
NTP Server	Configures the domain name of NTP server.
Update Interval	Configures the Interval (in minutes) to retrieve updates from the NTP server.

Network Settings

This page allows users to set either a static or DHCP IP address to access the GDS370x.

IP Address Mode	Selects DHCP or Static IP. Default DHCP. (Static recommended)
IP Address	Configures the Static IP of the GDS370x.
Subnet Mask	Configures the Associated Subnet Mask.
Gateway	Configures the Gateway IP address.
DNS Address Type	Specifies the DNS type used: Dynamic DNS or Static DNS.
DNS Server 1	Configures DNS Server 1 IP address.
DNS Server 2	Configures DNS Server 2 IP address.
Enable LLDP	Controls the LLDP (Link Layer Discovery Protocol) service. The default setting is “Enabled”.
Enable VLAN	Controls the VLAN. Default setting is “Disabled”
Layer 2 QoS 802.1Q/VLAN Tag	Assigns the VLAN Tag of the Layer 2 QoS packets. Valid range: 0-4096. Default value is 0.
Layer 2 QoS 802.1p Priority Value	Assigns the priority value of the Layer2 QoS packets. Default value is 0.

OpenVPN® Settings

This page allows users to configure OpenVPN settings.

Enable OpenVPN®	Enables/disables OpenVPN® functionality and requires the user to have access to an OpenVPN® server. Note: To use OpenVPN® functionalities, users must enable OpenVPN® and configure all of the settings related to OpenVPN®, including server address, port, OpenVPN® CA, certificate and key. Additionally, the user must also set the SIP account to use “VPN” for the “NAT Traversal” (under Account 🡪 Network Settings).
OpenVPN® Server Address	Defines the URL/IP address for the OpenVPN® server.
OpenVPN® Port	Defines the network port for the OpenVPN® server. The default setting is 1194.
OpenVPN® Transport	Determines network protocol used for OpenVPN® (UDP or TCP). The default setting is TCP.
OpenVPN® CA	OpenVPN® CA file (ca.crt) required by the OpenVPN® server for authentication purposes. Press “Upload” to upload the corresponding file to the device.
OpenVPN® Client Certificate	OpenVPN® CA file (ca.crt) required by the OpenVPN® server for authentication purposes. Press “Upload” to upload the corresponding file to the device.
OpenVPN® Client Key	OpenVPN® Client key (*.key) required by OpenVPN® server for authentication purposes. Press “Upload” to upload the corresponding file to the device.
OpenVPN® Cipher Method	The cipher method of OpenVPN®, must be the same cipher method used by the OpenVPN® server. Supported methods are: Blowfish, AES-128, AES-256 and Triple-DES.
OpenVPN® Username	Configures the OpenVPN® authentication username (optional).
OpenVPN® Password	Configures the OpenVPN® authentication password (optional).

TR069

This page configures the GDS370x TR-069/GDMS parameters.

Enable TR-069	Enables/disables TR-069
ACS URL	Specifies URL of TR-069 ACS (e.g.,http://acs.mycompany.com), or IP address. Default setting is “https://acs.gdms.cloud”
ACS User Name	ACS username for TR-069.
ACS Password	ACS password for TR-069.
Periodic Inform Enable	Enables periodic inform. If set to “Yes”, device will send inform packets to the ACS. The valid range is 1 – 4294967295. The default setting is “Yes”.
Periodic Inform Interval (s)	Sets up the periodic inform interval to send the inform packets to the ACS. The default value is “60”.
Connection Request User Name	The username for the ACS to connect to the phone.
Connection Request Password	The password for the ACS to connect to the phone.
Connection Request Port	Configures the port of the ACS to connect to the phone, The Default port is 7547.
Connection Request Port	The port for the ACS to connect to the phone. The default value is “7547”.
CPE Cert File	The Cert File for the phone to connect to the ACS via SSL.
CPE Cert Key	The Cert Key for the phone to connect to the ACS via SSL.

Access Settings

This page configures the GDS370x access control parameters.

Phone Settings

User Management

This page allows users to configure the password for the administrator. Since this is a door system which must be a secure product, the use is only limited to administrator.

Old Password	Old password must be entered to change new password.
New Password	Fill in the revised new password in this field.
Confirm User Password	Re-enter the new password for verification, must match.
Password Recovery Email Address	If the password is lost, you can recover it on the configured Email address here. Note: Make sure to configure SMTP Email Settings under “Email Settings”.

To recover lost password, users can from the login page click on Forgot Password?

Click the link will pop up the following page to ask to input the “Email Address” for the Recover Password to be sent to:

If the “Password Recover Email Address” and related SMTP is configured correctly, then click the “OK” button, the device will email the administrator password to the inputted email address, if the email address entered matches the pre-configured “Password Recover Email Address” inside the device and the device with working SMTP service configured.

Otherwise the device will prompt the following message at top of the UI page to advise user to configure the related parameters or service, to make this feature working. User can still click “Cancel” to omit these setting and continue the UI operation, but this is bad operation behavior.

Grandstream strongly suggest user to configure a working email address as “Password Recover Email Address” and configure a good SMTP service to the device. So, if something happened, the administrator can get the password recover email to unlock the device.

Factory Functions

Users could access factory functions in order to diagnosis the hardware and software of the unit like verifying the audio loopback and certificates verification.

Audio Loopback	Press Start button and speak to the GDS370x. If you can hear your voice, your audio is working fine. Press Stop to exit audio loopback mode.
Certificate Verification	This is used to validate certificate chain for the server’s certificate.

Account

The GDS370x supports 4 SIP accounts and 4 lines, this section covers the configuration of basic and advanced SIP settings for each SIP account.

Account 1 – 4

This page allows the administrator to configure the SIP account basic and advanced settings for each SIP account:

SIP Account Basic & Advanced Settings

Phone Settings

The phone settings allow users to configure the GDS370x phone settings and the White list for all the SIP accounts.

Phone Settings

This page allows users to configure the GDS370x phone settings.

Phone settings

Account [1-4] White List

This page allows users to configure the white list per account, which is a phone number or extension list that can call the GDS370x. (The call will be automatically answered when calling from a phone set on the white list, and all other inbound calls will be blocked), the user can configure up to 30 white phone numbers per SIP account.

Moreover, besides numbers associated to active cards, and numbers on the “Number Called When Door Bell Pressed” setting, all whitelisted numbers can open door remotely by using the respective PIN code ( Can be configured for the GDS3705 Model only)

The table below gives a brief overview of the options:

Enable White Number List	Enables the White List feature.
Phone Number 1 -200	Adds a new phone number to the white list.

Audio Settings

The audio settings allow users to configure the audio codecs and Volume related settings.

Audio Settings

This page allows users to configure the audio settings.

System Volume	Adjusts the speaker volume connected.
Doorbell Volume	Adjusts the doorbell volume.
Enable Custom Doorbell Ringtone	User can check this option in order to use the custom Doorbell Ringtone. Default Ringtone is used when this option is disabled.
Tool	This button will redirect user to our Grandstream Ringtone Generator tool in our website.

• Click onto upload the ringtone file, then press
• Click onto delete the existent custom ringtone.
• Support upload WAV, PCM audio file (size <= 600K). Format limit to:

WAV:

1. Sample Rate: 8k or 16k.

2. Channel: Mono-channel or Dual-channel.

PCM:

1. Sample Rate: 8K.

2. Channel: Dual-channel.

Alarm Config

This page allows users to configure alarm schedule and alarm actions.

Alarm Events Config

This page allows users to configure GDS370x events to trigger programmed actions within predefined schedule.

Input Digit

Digit Input 1	Selects the Input method (alarm Input or Door Open). Default disabled. Digital Input Port operates in 3 Modes: Alarm Input: Connect various of sensor to trigger alarm. Open door: Connect a switch to open door from inside. Abnormal Door Control: When enabled (special wiring required, see below wiring diagram), abnormal open door will be detected and therefore trigger siren alarm. Notes: If Digital Input port is connected to a switch, it will not work during the time of power outage, device booting or firmware upgrading. Abnormal open door will be detected by DI port (Alarm_In2 or IN2 in below diagram showed) if wired correctly (connecting the COMx port to DIx port). Please refer to XXX for diagrams showing the correct wiring to enable this feature.
Digit Input 1 Status	If set to Normal Open: Configured alarm will be triggered when Digital Input Status switch from Close to Open. If set to Normal Close: Configured alarm will be triggered when Digital Input Status switch from Open to Close. By default, Input Digit 1 Status is “Disabled”.
Select Schedule 1	Selects the predefined Alarm Schedule.
Select Alarm Action Profile 1	Selects the predefined Alarm Action for Profile 1.
Digit Input 2	Selects the Input method (alarm Input or Door Open). Default disabled. Digital Input Port operates in 2 Modes: 1. Alarm Input: Connect various of sensor to trigger alarm. 2. Open door: Connect a switch to open door from inside. If Digital Input port is connected to a switch, it will not work during the time of power outage, device booting or firmware upgrading.
Digit Input 2 Status	If set to Normal Open: Configured alarm will be triggered when Digital Input Status switch from Close to Open. If set to Normal Close: Configured alarm will be triggered when Digital Input Status switch from Open to Close. By default, Input Digit 2 Status is “Disabled”.
Select Schedule 2	Selects the predefined Alarm Schedule.
Select Alarm Action Profile 2	Selects the predefined Alarm Action for Profile 2.
Alarm Output Duration(s)	Select the duration of the alarm output: 5/10/15/20/25/30 seconds. This option is hidden when ALMOUT1 Feature is set to Open Door.

Alarm Output

Alarm Output Duration(s) specifies how long the alarm output will take effect. The available values are: 5,10,15,20,25 and 30 seconds.

Silently Alarm Mode

If Silently Alarm Mode is enabled, GDS370x will disable alarm sound and background light for specified alarms types (Digital Input) when they are triggered.

Enable Silent Alarm Mode	Enable/Disable silent alarm mode. Disabled by Default
Silent Alarm Options	When the silently alarm mode is enabled, users can specify to which alarm options the silently mode will be applied to. The available options are: Digital Input, Tamper Alarm, and Password Error.

Hostage Code

Hostage password can be used in a critical situation for instance a kidnaping or an emergency, users need to enter the following sequence to trigger the actions set for the Hostage Mode: “* HostagePassword #”.

Enable Hostage Code	Enable/Disable the Hostage password mode.
Hostage Code	Configures the password for the hostage mode.
Select Alarm Action Profile	Select the Alarm action to be taken when the hostage password is typed on the GDS3705 keypad. Note: No sound alarm will be triggered in this mode.

Tamper Alarm

Tamper alarm is anti-hack from Hardware level. When this option is checked, if the GDS370x is removed from the installation bracket, the built-in Howell Magnetic Switch will function and Tamper Alarm (if enabled and configured, default disabled) will be fired.

This embedded feature in the GDS37xx serves the purpose of enabling the device to detect the separation of these two components, similar to how security magnetic sensors detect the opening and closing of windows or doors.

Enable Tamper Alarm	When activating this mode, GDS370x will keep alarming until the alarm is dismissed.
Select alarm Action Profile	Select the type of alarms actions to be triggered for the tamper alarm mode.

Keypad Input Error Alarm

Enable Alarm for PIN Input Error	Enable/Disable the Input Error Alarm, GDS3705 will trigger alarm actions at every 5 incorrect attempts.
Select Alarm Profile	Select the type of alarms actions to be triggered after 5 incorrect attempts.

Non-Scheduled Access Alarm

Enable Alarm for PIN Input Error	When enabled, After 5 consecutive incorrect pin codes, the device plays an alarm siren sound and takes alarm actions.
Select Alarm Action Profile	Select the type of alarms actions to be triggered.

Alarm Schedule Settings

This page specifies the configuration of Alarm Schedule.

Note: Schedule must be configured first to allow the alarm to take the related action.

GDS370x supports up to 10 alarm schedules to be configured, with time span specified by users. User can edit the alarm schedule by clicking button. Usually the 24 hours’ span is 00:00 ~ 23:59, which is 24 hours’ format.

Users can copy the configuration to different date during the schedule programming.

Enable Non-authorized RFID Card Access Alarm

This option can be enabled from the web GUI, under Alarm Settings → Alarm Event Config

Any illegal card swiped trying to access the door will trigger alarm based on user’s configuration, like below:

User will get email, snapshot, etc., based on the Alarm Action Profile configured, to enhance the security of access control.

Alarm Action Settings

This page specifies the configuration of Profile used by the Alarm Actions. A Profile is required before the Alarm Action can take effect.

User can edit the alarm action by clicking button, the following window will popup.

To test an alarm action profile, users can click on button and the GDS will initiate all actions specified on the select alarm profile.

Upload to Alarm Center	If selected, the GDSManager will popup alarm window and sound alarm in the computer speaker.
Audio Alarm to SIP Phone	If selected, GDS3705 will call pre-configured phone and will play sound alarm.
Send Email	If selected, an email will be sent to the pre-configured email destination.
Audio Alarm	If selected, GDS3705 will play alarm audio using built-in speaker.
Alarm Output	If selected, the alarm will be sent to the equipment (for example: Siren) connected to Alarm Output interface.

Alarm Phone

This page allows users to configure the Alarm Phone List, which are phone numbers or extensions list that the GDS370x will call out when event is trigged (e.g.: doorbell pressed), the administrator can configure up to 10 phone numbers to be called and specify the SIP account to trigger the alarm call.

Alarm Call Out Account	Define the SIP account that will be used to trigger the alarm call, when choosing Auto, the unit will use the first available SIP account.
Alarm Phone 1-10	Add the phone numbers to be called into the alarm list.

Once the event is triggered (Door Bell Pressed…), the GDS3705 will call the first number, once time out is reached and no answer is returned from the first number, the GDS3705 will try the next number on the list and so on. Once the remote phone answers the call, an alarm will be played to notify users that an event is triggered.

Email Settings

This page contains Email Settings.

Email Settings

This page allows users to configure email client to send out an email when the alarm is triggered.

SMTP Server	Configures the SMTP Email Server IP or Domain Name.
SMTP Server Port	Specifies the Port number used by server to send email.
From E-mail address	Specifies the email address of alarm email sending from, usually client email ID.
Sender Email ID	Specifies sender’s User ID or account ID in the email system used.
Sender Email Password	Specifies sender’s password of the email account.
Alarm-To Email Address 1	Specifies the 1st email address to receive the alarm email.
Alarm-To Email Address 2	Specifies the 2nd email address to receive the alarm email.
SSL	Check if the SMTP email server requires SSL.

Maintenance Settings

This page shows the GDS370x Maintenance parameters.

Upgrade

This page contains the upgrade parameters of the GDS370x.

Upgrade Via	Selects the upgrade method (HTTP, HTTPS).
Firmware Server Path	Configures the IP address or the FQDN of the upgrade server.
Config Server Path	Configures the IP address or the FQDN of the configuration server.
HTTP/HTTPS User Name	User name if needed by remote provisioning HTTP/HTTPS server.
HTTP/HTTPS Password	Password to authenticate with remote provisioning HTTP/HTTPS server.
Firmware File Prefix	Prefix that will be added when requesting firmware file.
Firmware File Postfix	Postfix that will be added when requesting firmware file.
Config File Prefix	Prefix that will be added when requesting config file.
Config File Postfix	Postfix that will be added when requesting config file.
XML Config File Password	Specifies the password for the configuration file.
Validate Server Certificate	Enable this option to validate certificate with trusted ones during TLS connection.
Automatic Upgrade Interval(m)	Specifies the upgrade interval in minutes.
Enable DHCP Option 66 Override Server	Activates DHCP option 66 to override upgrade/config servers.
Zero Config	Enables Zero Config feature for auto provisioning.
Automatic Upgrade	Enables automatic upgrade and provisioning. Set schedule for provisioning for either every X minutes, every day or every week. Default is No.
Randomized Automatic Upgrade	Enable and define the start/End hours of the day and days of the week where the GDS will randomly checking for update.
Disable SIP NOTIFY Authentication	If this option is checked, the Device will not challenge NOTIFY with 401. Default setting is Enabled.

Reboot & Reset

This page allows user to reboot (scheduled or immediate) and reset the GDS370x.

Reboot	When clicked, the GDS370x will restart (soft reboot).
Auto Reboot	With this feature, users can configure convenient selected schedule for the device to reboot by itself, per week or per day.
Reset	There are two options for the reset function.
Clear All Data	All data will be reset, GDS370x will be set to factory default.
Retain Network Data Only	All data will be erased except for Network data like IP address…
Retain Only Card Information	All data will be erased except for cards information.
Retain Network Data and Card Information	All data will be erased except for Network Data and Card Information.

Debug Log

This page allows user to configure SYSLOG to collect information to help troubleshooting issues with GDS370x.

Data Maintenance

This page allows users to manage the GDS370x configuration file by importing/exporting the configuration files.

Click on to save the GDS370x configuration in a predefined directory.

System Health Alert

This page allows users to enable real-time or periodic email notifications about the GDS system status: Registration, Running Status and Temperature. This will require Email Settings already configured.

Enable System Health Alert	When this option is checked, then the GDS will send alert emails regarding the events selected under Event Name section using the already configured [Email Settings].
Delivery Method	There are two options: Real-Time: the GDS will be sending successively alert emails every second. Periodic: a Time Interval of 1~10080 minutes between each email can be configured.
Email Title	This would be the Email Subject title. Maximum characters number is 256.
Event Name	SIP Registration Status: When checked, Email will contain Offline/Online indication for all 4 accounts.
System Running Status: When checked, Email will contain the system uptime.
System Temperature: When checked, Email will contain Temperature value of the system in °C and °F, as well as whether the temperature is normal on not.

Event Notification

This page allows users to configure the event notification details that will be used by GDS370x to communicate to an HTTP server and Log Events. When the feature Enable and Configured, all the event logs will be uploaded to server: RFID open door (for GDS3705 only), PIN open door (for GDS3705 only), SIP Call, Alarm, etc…

For instance, the GDS3705, after an RFID Card swiping, will send to the configured HTTP server the following HTTP POST containing “Use card open door” event:

POST / HTTP/1.1

Host: 192.168.6.107
Authorization: Basic Og==
Connection: keep-alive
Content-Length: 90

Date: 2017-11-09; Time: 14:07:27; Event describe: Use card open door. Card ID: 378690700. 

Or, the GDS3702, after making a Call, when doorbell pressed, will send to the configured HTTP server the following HTTP POST containing “Phone call” event:

POST/HTTP/1.1

Host:192.168.6.107
Authorization:BasicOg==
Connection:keep-alive
Content-Length:62

Date: 2017-11-09; Time: 14:13:12; Event describe: Phone call. 

These HTTP POST messages can be used by a 3^rd party software to integrate the GDS370x.

Event Log

Users could check all device logs directly from the GDS web UI under the menu “Maintenance 🡪 Event log”.

To get logs for a specific date interface, select the Start Time and End Time, then select which Event type you want to check using the drop-down list, and click on to display the records.

The following Event Types are included for filtering:

OpenDoor (via card, Pin or DI, Card+PIN, remote PIN.).

• Open Door via Card
• Visiting Log
• Open Door via PIN
• Open Door via DI
• Open door by SI
• Call Log
• Open Door via Card and PIN
• Open Door via Remote PIN
• DI Alarm
• Door & Lock Abnormal Alarm
• Dismantle by Force
• System Up
• Reboot
• Reset
• Config Update
• Firmware Update
• Non-scheduled Access
• Hostage Alarm
• Invalid Password
• Temperature Alarm
• Unauthorized door opening attempt

For more information about event logs, please visit this guide.

Certificates

This page allows users to upload up to 6 Trusted CA certificate files which will be trusted by the GDS during SSL exchange.

Also users are allowed to configure the device with custom certificate signed by custom CA certificate under the Custom Certificate section.

In order to upload your Trusted CA certificate:

Click on button to upload a file and some related information to the uploaded file will be displayed, such as “Issued by” and “Expiration date”.

User could press to delete one of the files.

In order to upload your Custom certificate:

Click on button to upload a file and some related information to the uploaded file will be displayed, such as “Issued by” and “Expiration date”.

User could press to delete one of the files.

Status

This page displays GDS370x accounts, system, and network information.

Account Status

This page displays of configured accounts’ SIP user ID, SIP server as well as the SIP Registration status, from Account 1 to Account 4.

Notes:

• When the SIP account is registered, the SIP Registration status display will be Online
• When SIP account is unregistered, the SIP Registration status display will be Offline

System Info

This page displays information such as the product model, the hardware version, firmware…

Product Model	Displays the Product Model.
Hardware Version	Displays the Hardware Version.
Part Number	Displays the Part Number.
Boot Version	Displays the Boot Version.
Core Version	Displays the Core Version.
Base Version	Displays the Base Version.
Prog Version	Displays the Prog Version.
System UpTime	Displays the time since the first boot of the GDS3705.
Firmware Status	Click the button to check whether the firmware in the firmware server has an updated version, if so, update immediately.
System Temperature	Shows the current system temperature ( in °C and °F)
Tamper Sensor	Shows if the Tamper Sensor is triggered or not.
Door Control	Shows if the door control is triggered or not (in case door is opened for example it will show triggered
Door 1 Ctrl	Shows if Door 2 is opened.
Door 2 Ctrl	Shows if Door 2 is opened.
Input Digit 1	Shows if Alarm-IN 1 is triggered.
Input Digit 2	Shows if Alarm-IN 2 is triggered.
Digit Output	Shows if digital output is triggered.

Network Info

This page displays the network system information of GDS370x.

MAC Address	Displays the GDS370x MAC Address.
IP Address Mode	Displays the IP address mode used.
IP Address	Displays the IP address of the GDS370x.
Subnet Mask	Displays the Subnet Mask used.
Gateway	Displays the GDS370x Gateway.
DNS Server 1	Displays the Preferred DNS Server.
DNS Server 2	Displays the secondary DNS Server.

FACTORY RESET

Restore to Factory Default Via Web GUI

To perform factory reset to the GDS370x via the Web GUI, please refer to following steps:

1. Access to GDS370x Web GUI using the using the shipped default password.
2. Navigate to Maintenance 🡪Reboot & Reset.
3. Select the reset type from Rest drop down menu and press reset button as displayed on the following screenshot.

Hard Factory Reset

Some users did not keep the revised password safely and forgot the changed password. Due to GDS370x did NOT have built-in reset button (Grandstream purposely designed this way to enhance security), this will make the GDS370x inaccessible even for the true owner who lost the changed password.

Below is a photo of the normal connection of the provided Wiegand cable.

To perform a hard factory reset to the GDS3705, please refer to the following steps:

1. Power OFF the GDS3705.
2. Take the provided Wiegand cable, and connect (or shorting) the related color wires as illustrated on the following picture. Please make sure the connection is correct and solid:

• Connect WHITE and BROWN cable together.
• Connect GREEN and ORANGE cable together.

3. Power ON the GDS3705. In about 10 seconds, the keypad LED lighting will change from solid lighting to blinking, the blinking time window is about 30 seconds. The user needs to enter the following key combination *0# while the LED is blinking.
Notes:

• If the correct key combination is inputted, the last key input will play with a long tone, illustrating the correct key combination entered, then the GDS3705 will get into factory reset mode.
• During the blinking time window, if the user does not finish the key combination operation, or pressed the wrong key combination, the GDS3705 will play short beep quickly three times illustrating error. Nothing will happen and the GDS3705 will get into normal booting process. User who wants to do hard factory reset has to perform the operation from the beginning again.

4. After 3 ~ 5 minutes the GDS3705 will finish performing the reset process, then the user can log into the GDS3705 web GUI using the shipped default password.

5. User must power OFF the GDS3705, unplug the Wiegand cable, power ON the GDS3705 again and make sure the GDS3705 is running correctly.

Hard Factory Reset Using GS Search

The GDS3702 can be reset using the GS Search tool by following these steps :

1. Open the GS Search tool that can be downloaded from the Grandstream tools page.

2. Select the device in question, in our example it is the GDS3702, and then select Facility Device Password Recovery.

3. Perform the reset of the device by clicking the Reset button option.

Restore to Factory Default Via SIP NOTIFY

1. Access your GDS370x UI by entering its IP address in your favorite browser.

2. Go to the Phone Settings # page.

3. Enable “Allow Reset Via SIP NOTIFY” by checking this option. (Default is disabled)

4. Once a SIP NOTIFY with “event: reset” is received, the GDS370x will perform factory reset after authentication phase.

The authentication can be done either using an admin password (if no SIP account is configured) or via SIP account credentials (SIP User ID and Password).

Reset Factory Password Via Special Key Combination Operation

This feature allows customers to reset the device administrator password to factory default via keypad operation through some special key combination. When performing this operation, ONLY the password will be reset back to factory default. All other settings or parameters will NOT be changed and will remain the same. This feature is specially designed for field engineers or technicians when dispatched in the field but for some reason, the administrator password is not available therefore not able to access the GDS37xx device to do the related maintenance.

Here are the steps to do such a password reset operation via keypad:

Encoding Rules:

Alphabet A – Z mapping to digit 1 – 26 respectively, no difference in lower or up case.

A	B	C	D	E	F	J	H	I	G	K	L	M	N	O	P	Q	R	S	T	U	V	W	X	Y	Z
1	2	3	4	5	6	7	8	9	10	11	12	13	14	15	16	17	18	19	20	21	22	23	24	25	26

Operation Steps:

1. When device is idle, input the special keypad combination with format: ***last_6_MAC**#
2. Device will reach restore mode after correct digits in Step 1) entered. The backlight of keypad will flash quickly to tell operator the device is now in password reset/restore mode.
3. Operator will enter the correct decoded default password ending with # with format: default_password_code# via the keypad within 60 seconds.
4. If wrong code combination entered, the GDS3705 will beep with error sound (three short beeps) then exit the password reset mode, and the backlight will stop flashing.
5. If the correct default password decoded entered within 60 seconds, GDS3705 will play a long beep sound (advising correct operation), the device will reboot itself automatically.
6. If keypad entry time out (not finish the input within 60 seconds), the device will exit this password reset mode automatically and stop the backlight flashing.
7. After successful password reset, operator will then be able to log into the GDS3705 webUI with default password, all the configuration inside the device will be the same and will NOT be changed.

For example:

Decoding the string into digits and write to paper before doing the operation:

Device with last 6 MAC address: 33DDDD

Decoding the last 6 MAC to digits would be: 334444

Default password is: xwpxz6AA

Decoding the default password to digits would be: 2423162426611

1. Enter ***334444**# via keypad, get into the password reset mode, the keypad backlight will flash quickly.
2. Within 60 seconds, enter 2423162426611#, the device will play one long beep then reboot itself.
3. Wait the device finishing boot up, log in the webUI using the default password, xwpxz6AA

CHANGE LOG

This section documents significant changes from previous versions of the user manual for GDS370x. Only major new features or major document updates are listed here. Minor updates for corrections or editing are not documented here.

Firmware Version 1.0.3.11

Product name : GDS3702, GDS3705

• Added ability to disable CFG download with password (ITSP/Telefonica). [CFG Download]
• Added support for configuring different “Number Called When Door Bell Pressed” entries depending on the time frame or schedule. [Number Called When Door Bell Pressed]

Firmware Version 1.0.3.10

• Added TR069/GDMS support. [TR-069]

Firmware Version 1.0.1.21

• Cisco WebEx IOT: Added Web UI Option “SIP URI Scheme When Using TLS” and “Support SIP Instance ID” [Table 15: SIP Account Basic & Advanced Settings]
• Added support for configurable keypad blue light On/Off. [Table 5: Door System Settings]
• Added unauthorized card swiped on wired external 3rd party Wiegand reader will also have alert message in event Log [Event Log]
• Increased Whitelist Number to maximum 200 in each Account [Table 17: White List]
• Added prompt “Alarm Schedule Name” and “Alarm Action Profile Name” cannot be blank. [Alarm Config]
• 3CX IOT: Support “Add MAC in User-Agent”  and Added “Codec Negotiation Priority” configuration [Table 15: SIP Account Basic & Advanced Settings]
• Added error prompt if illegal port value is set to web access [Table 12: Access Settings]

Firmware Version 1.0.1.16

• Added open door without SIP call when paired with GSC3570. [Door opening without SIP Call]
• Added scheduled Auto Reboot. [Auto Reboot]
• Enhanced open door via 3^rd party Webrelay ON/OFF URL. [Table 5: Door System Settings]
• Added Alarm Action triggering when illegal card swiped. [Alarm Action When Illegal Card Swiped]
• Added enable/disable password display on Web UI when using HTTPs. [Table 12: Access Settings]
• Added secure open door with GDS3705/GSC3570 setup. [Secure Open Door via GDS3705/GSC3570 Peering]
• Added the time zone GMT-03:30 for Newfoundland. [Time Zone]

Firmware Version 1.0.1.11

• Added OpenVPN® support. [OpenVPN® Settings]
• Added WebRelay Open Door Feature. [Door System Settings]
• Increased Unlock Holding Time to 30 minutes. [Table 5: Door System Settings]
• Changed SIP Account Name to Display Name. [Table 15: SIP Account Basic & Advanced Settings]
• Added reboot/resync via SIP Notify. [Disable SIP NOTIFY Authentication]

Firmware Version 1.0.1.6

• Added support for failover mechanism based on DNS SRV. [Table 15: SIP Account Basic & Advanced Settings]
• Added siren alarming function when door opened abnormally (special wiring required). [Siren alarming when door opened abnormally]
• Added including Holidays at Keep Door Open schedule. [Holiday Mode]
• Added reset/restore factory default password via special keypad combination operations. [Reset Factory Password]

Firmware Version 1.0.1.3

• Added support for re-registration before expiration. [Table 15: SIP Account Basic & Advanced Settings]
• Enhanced security and prevent ghost calls. [Table 15: SIP Account Basic & Advanced Settings]
• Added support for DHCP Option 42. [Allow DHCP Option 42 to override NTP server]
• Added support for Voice Frame Per TX at audio settings. [Table 15: SIP Account Basic & Advanced Settings]
• Added support of separated webUI credentials for GDSManager. [GDSManager Configuration Password]
• Added support for G.729 audio codec. [Table 15: SIP Account Basic & Advanced Settings]
• Added ability to enable multiple audio codecs simultaneously and specify priority of codecs. [Table 15: SIP Account Basic & Advanced Settings]
• Added support for randomize firmware upgrade and provisioning. [Upgrade]

Firmware Version 1.0.0.41

• Added support for second door control via Alarm Output 1. [Using Alarm Out (COM 1) to Control a Second Door]
• Added support for “Normal Open” or “Normal Close” setting when Alarm Out1 is set to Open Door. [ALMOUT1 Status]
• Added option to specify digital input to be normal Open or normal Close. [Digit Input 1 Status]
• Added support for using Digit Only as Private PIN. [Local PIN Type]
• Added support for System Health Alerts via Email. [System Health Alert]
• Added option to upload custom doorbell ringtone. [Enable Custom Doorbell Ringtone]
• Added option to disable WEB/SSH access. [Access Settings]
• Added option for calling out automatically without pressing #. [No Key Input Timeout(s)]
• Added option to disable SIP dialing from GDS keypad. [Disable Keypad SIP Number Dialing]
• Added option to set Schedule for “Local PIN to Open Door”. [Local PIN to Open Door Schedule]
• Added option to customize DTMF Payload. [DTMF Payload Type]
• Added RTCP/RTCP-XR for SIP Call. [Technical Specifications] [Enable RTCP]
• Added Boot version information into System status. [System Info]
• Enhanced security by only allowing numbers existing under “White List” to open the door remotely when call is initiated from GDS3705. [Remote PIN to Open the Door]
• Added option to synchronize Keep Door Open from GDSManager version 1.0.1.1 or later. [Central Mode]

Firmware Version 1.0.0.37

• Added event log showing the users (Username) opening door via private PIN [Event Log]
• Added SIP NOTIFY to factory reset [Allow Reset Via SIP NOTIFY] [Restore to Factory Default Via SIP NOTIFY]
• Added option to disable outbound proxy route header [Outbound Proxy Mode]
• Added option to verify received SIP Message [Validate Incoming Messages]

Firmware Version 1.0.0.36

• Added support for special character “@” in the SIP User ID. [SIP User ID]
• Added SIP password hided and not visible in the Web UI. [Password]
• Extended VLAN range from 0-4094. [Layer 2 QoS 802.1Q/VLAN Tag]
• Added ability to configure device with custom certificate signed by custom CA certificate [Certificates]
• Added option to display device temperature in Fahrenheit. [System Temperature]

Firmware Version 1.0.0.35

• Added option to assign a schedule to the doorbell. [Press Doorbell Schedule]
• Added option to set the maximum number of digits dialed. [Maximum Number of Dialed Digits]
• Added support for Parallel Hunting when doorbell pressed. [Door Bell Call Mode]
• Added firmware check status button. [Firmware Status]
• Added Account section. [Account]
• Enhanced Event Notification Template Variables. [Event Notification]
• Added Random Port option. [Use Random Port]
• Added NAT Traversal option. [NAT Traversal]
• Added Doorbell Call Out Account. [Doorbell Call Out Account]
• Add ability to set schedule for Alarm IN door opening. [Input Digit]
• Added Account Status section. [Account Status]

Firmware Version 1.0.0.31

• Added “Enabled but Not Forced; Enabled and Forced” under SRTP Configuration. [Enable SRTP]

Firmware Version 1.0.0.28

• Added alarm notification of non-scheduled access users. [Non-Scheduled Access Alarm]
• Added support for HTTP command to Open Door [Enable HTTP API Remote Open Door]
• Added Keep Door Open section. [Keep Door Open]
• Added “Test” Button for Alarm Action. [Alarm Config]

Firmware Version 1.0.0.26

• Added displaying logs at device Web UI. [Event Log]
• Added ability to upload Trusted CA certificate files. [Trusted CA certificate ]
• Added option to enable/disable certificate validation. [Validate Server Certificate]
• Added Ability to configure Start/End Valid date for users. [Card Management]
• Changed password recovery email option to user settings page. [User Management]
• Added UI showing Temperature/TamperSensor/DoorControl/DI/DO in the System Info Page [System Info]
• Added Support for system events notification via HTTP. [Event Notification]
• Added Factory Functions for Audio Loopback and Certificate Verification. [Factory Functions]

Firmware Version 1.0.0.20

• This is the initial version for GDS3705.